iPhone 4S Siri ships with security flaw
The iPhone 4S' new voice command/dictation powerhouse Siri looks like it may be too strong for the iOS security. There is a zero-day flaw in Siri that will threaten your phone's security (assuming there is something worth securing), but luckily there is a pretty simply way to get around the issue for now.
The trouble is that even if you have a passcode set on your iPhone's lockscreen, Siri can bypass it and get into your phone. This is not unlike the trouble Apple had with emergency calls being able to bypass lockscreen security and gain access to your photos and contacts. This time around, Apple has Siri enabled on the lockscreen by default, meaning anyone can use a voice command to access your e-mail, contacts or calendar.
As we mentioned, if you have nothing that requires too much security in any of those systems, it's not much of a worry ("Oh no! I left my phone on the bus and now the person who has it can e-mail my mom! My mom!") Of course, if it's that much of a worry for you, all you have to do is disable Siri from your lockscreen in the "Passcode Lock" settings screen.
source: CNet
Things that are NOT allowed: