Hacked Siri Can Even Turn Off Your Thermostat

Siri is one of the most useful and advertised features of iPhone 4S. Siri offers interactive conversations with applications like weather, email, SMS and more. Although this feature is officially only available on the iPhone 4S, jailbreak enthusiasts have been successful at porting Siri to the iPhone 3GS/4 and iPod Touch.

Applidium, a french mobile development company (which brought us the famous iOS game Falldown 3D) has been successful at reverse engineering how Siri communicates with the Apple servers. The findings are pretty interesting.

Siri-Make-Me-A-Sandwich

How Siri works –

  • Siri records and sends audio data in a compressed encoded format like any VoIP service – Keep an eye on your data usage, you don’t want to get billed crazy. With improved hardware on the iPhone 4S, the conversion from voice to text on the device itself should be possible too.
  • Siri requires a unique id from a real iPhone 4S for the successfully talking to the server.
  • Siri uses a modified HTTP protocol to communicate with the Apple Siri server – guzzoni.apple.com. The data is encrypted when transmitting.
  • Siri can be misled to connect to a local HTTPS server (using a fake DNS server) if a custom root certificate for guzzoni.apple.com is injected on the iPhone. This is like a "Man-in-the-middle attack". Which also means that the encrypted data can be intercepted and the data de-encrypted on the local HTTPS server which uses the same custom root certificate imported on the phone.
  • Apple may block (the iPhone 4S’s unique id) or change the existing Siri protocol which may inturn breaks this protocol.

How can this be used?

This protocol understanding enables Siri to be ported to any Mobile phone or a PC. You will still need a unique id of an iPhone 4S (has to be jailbroken to fetch the id). This even helps write custom commands which are intercepted by the server.

An enthusiastic hacker (@Plumoni) has created a Siri proxy server to intercept Siri’s communication with Apple’s servers. The developer was able to route Siri’s voice commands from the proxy server to his WiFi enabled thermostat to adjust the temperature.

Pretty cool eh? Catch the video below.

I can imagine other developers writing custom Siri commands to type emails, sending IMs, tweeting on their computers pretty soon. I’d love to be able to turn on my car with a voice command from Siri.

May be even support Siri for unsupported languages (say French) using a 3rd party speech to text API which outputs the text which is then translated to English, passed to Siri and then data sent back to the phone in French as text (Siri won’t be able to pronounce French yet).

How can I do it too?

While it may take more time for this to be "one-click" friendly, If you’re the enthusiastic type – go ahead and try these tools.

[Via iPhoneHacks and @Applidium, Original picture "Sandwich" by XKCD]

Liked this article? Like us on Facebook!


Comments

Read previous post:
Aircel and Airtel Start Pre-order for iPhone 4S today, Price it Insanely High

As promised, Aircel and Airtel have started pre-order for the iPhone 4S today – 18th November 2011. The prices come...

Close