Siri hack reveals how your humble assistant does her magic
Are you curious about the way Siri does her magic? Well, so were the guys at Applidium, which is why they rolled up their sleeves and successfully managed to take a look at some of Siri's inner workings.
Through a well-known hacking method called reverse-engineering, they were able to figure out how Apple's humble personal assistant communicates with the company's servers. Unsurprisingly, it turns out that Siri uses a secure connection, and a valid security certificate was needed in order to establish one. However, the guys discovered that any self-signed certificate would do the trick just fine, meaning that they had no trouble obtaining permission to transfer data with Apple's server.
Incoming and outgoing connections were monitored via a proxy server during the procedure, which is why the folks could take a look at the data that is sent to Apple and at the data that is returned to the iPhone 4S. In a nutshell, Siri compresses your audio input and sends it to the server, after which the data gets processed and returned to the sender's device. However, before replying, Apple's server verifies whether the the iPhone in use is valid or not via its unique identifier, also known as UDID.
Those who are eager to take a look under Siri's hood are free to download the tools that were used during the intervention. Besides, developers might be interested in knowing that thanks to cracking into Siri's communications protocol, coming up with an iOS or even an Android application that takes advantage of the real Siri is quite possible indeed. However, you might want to be quick in cracking Siri open yourself as it is only a matter of time until Apple does something to patch the holes that make it possible.
source: Applidium via IntoMobile
Things that are NOT allowed: