Both sides of the Atlantic have been buzzing since a hacker busted into Siri, the new voice-recognition software on the iPhone 4S. Meet the man who cracked Apple’s latest secret gem. But is it legal?
PARIS - He is the latest geek hero, having managed to unlock the mysteries of Apple's voice recognition software. But this time, we are not facing some obscure hacker, working in isolation under some creepy pseudonym. He is Romain Goyet, the co-founder and technical direction of Applidium, a well-established mobile applications company that is part of the Paris-based faberNovel new technology group. We caught up with this hacker to hear about his process and what his breakthrough could mean.
Les Echos: You "cracked" Siri. What does that mean, concretely?
Romain Goyet: You have to understand how Siri functions. To put it simply, Siri is a voice recorder. The program records what you say and sends the information to Apple. There, they have large computers that analyze everything and send the results back to the iPhone, which then executes the command. We wanted to know how that dialogue worked. In order to do that, we hacked into the channels of communication by having our own machines send the data, and we watched what happened. There is an enormous amount of data exchanged between the iPhone and Apple. The servers even give a confidence score to each word that the user speaks!
Was it difficult?
Everything is obviously very protected by Apple, with encryption. So first of all, we had to find a way to get around the encryption, and then we had to understand what we had decoded. That represented about 3 to 4 full days of work for me, spread out over about two weeks.
So now you can use Siri on other Apple products, or even on other devices, like those that use Android?
We have published the protocol specifications. So technically everything is possible now: Siri can be used on any platform. For example, we published a demonstration program on a Mac.
But there are two important limitations. First of all, we didn't take the time to build an elegant interface like Apple did. So you have to type in command line code, but I don't think that will present an obstacle for those who are interested.
Secondly, you must have an iPhone 4S username. We explained how to recover the username, but you must have an iPhone 4S to get it. For security reasons, Apple planned it so that the iPhone has to identify itself before it can request a voice analysis in its communication with Apple's servers. They just didn't imagine that the username could be used on another machine.
Are you afraid of provoking Apple?
Legally, there is no problem. We haven't done anything but publish the specifications. The European Union allows the owner of a gadget to see how it works, and that is all that we have done. It's true that American law is a bit less tolerant on that subject. But if Apple is really bothered by what we have done, they can easily change their protocol.
Read the original article in French
Photo - Chippycheeky