Apple's Siri gets hacked, could potentially run on Android

Apple’s iPhone 4S main USP is truly Siri, the device’s built-in voice-activated personal assistant.

Siri, nevertheless, has now been hacked by a group of developers who have detailed how the service works and claim that it could, potentially, be ported over to Android.

‘Today,’ says Applidium, ‘we managed to crack open Siri’s protocol. As a result, we are able to use Siri’s recognition engine from any device. Yes, that means anyone could now write an Android app that uses the real Siri! Or use Siri on an iPad!’

Of course Apple’s server was secured, which would as a general rule deter most people from venturing furthermore. Nevertheless Applidium obviously aren’t ‘most people’ and found away around Apple’s security by creating a fake guzzoni.apple.com server.

‘Deep down all we had to do was to setup a custom SSL certification authority, add it to our iPhone 4S, and use it to sign our very own certificate for a fake "guzzoni.apple.com".’

Bit as it goes

Quite a bit as it goes. Apple’s iPhone 4S does as a matter of fact send back raw audio to Apple’s server, which is ‘compressed using the Speex audio codec.’ To all appearances this ‘makes sense as it’s a codec exactly tailored for VoIP (Voice over Internet Protocol)’ and it as well explains why Siri needs a 3G or Wi-Fi connection to work.

As expected, the iPhone 4S ‘sends a tons of things to Apple’s servers,’ says the report. To illustrate: when you speak to Siri, Apple’s server replies with a ‘confidence score and the timestamp of each word.’

This is undoubtedly possible, according to Applidium, however you will need an iPhone 4S to act as an identifier. What this means is that if you want to set up Siri on your Galaxy S2, for instance, you’ll need quite a bit of coding know-how. Yet it is theoretically doable.

Apple will no doubt be all over this security breach in a flash. So if you want to see what it's all about, we suggest you act fast.