It seems like every time we get a new version of iOS, someone finds some way to get around the passcode and into parts of the device. This time around, Youtube user videosdebarraquito shows off a simple Siri exploit that grants access to photos and contacts.
This time around, some obnoxious user can get into your phone's Photos app via the Contacts screen. The video above suggests you need to incorrectly enter in the password a few times, then enter in half the passcode before invoking Siri. Then ask Siri "What time is it?" tap one of the alarms, then head over to the World Clock tab and create a new clock. Here, type in a couple letters, then tap to select the whole word. When the pop-up comes up, select "Share," then text message. Now, you have access to the Contacts app, which also gives you access to photos if you try to change a contact's photos.
This isn't the first time Siri's the cause of something like this, and it's likely hard to balance features with security. It's certainly not the end of the world, but again, don't store sensitive photos on your phone. Thankfully, preventing this exploit is pretty easy and you have two options. First, you can simply change your passcode to an alphanumeric password, which is more secure anyway. Otherwise, you can simply turn off Siri on your lock screen. Just head into Settings > Touch ID & Passcode and then turn off Siri in the "Allow Access When Locked" section.