Why You Shouldn’t Use H1Siri

When we told you all about a new jailbreak app claiming to bring Siri to non-4S iDevices yesterday, we were deeply skeptical about its authenticity. We later received confirmation that, yes, the H1Siri app did use some of Apple’s own code and thus was indeed illegal.

As Pete “Plamoni” Lamonica shows in his latest video, questionable legality isn’t the only reason that you shouldn’t be using H1Siri – it could potentially give a third-party control over your iDevice, and with relative ease on their part.

As we warned yesterday, using H1Siri means that you are sending all kinds of personal data through someone else’s servers, meaning that they can either eavesdrop on what is going on with your iDevice, or even take control of it as shown in Pete’s video…

[tube]http://www.youtube.com/watch?v=Y_Q6PfxBSbA[/tube]

The video shows how easy it would be for a remote SiriProxy server to send SMS messages from your iPhone without your knowledge. Because you have no idea what plugins are being run on the server that Siri is communicating with, you do not know what could be going on behind the scenes.

While Pete’s video shows an SMS being sent to a phone number in his address book, it is theoretically possible to send messages to any number. This means that a compromised SiriProxy sever could have your phone send SMS messages to premium rate numbers, costing you a small fortune in the process.

The moral of this story is a simple one. Do not use a remote SiriProxy server that you do not have control over, because you just do not know what plugins are being run on it. While it may well be safe to use, is it really worth the risk just to use Siri on an iDevice that isn’t an iPhone 4S?