If you want Siri on your iPhone 4, iPod Touch 4G or on the iPad 2 you probably know that you will need Spire and a running SiriProxy. To run a SiriProxy you definitely need an iPhone 4S so that you can use it validation keys to get your Proxy up and running. There are many Proxies across the web that provide you free SirProxies but ‘The Three Little Pigs Server’ is the most popular one.
However there is a very big problem with these servers and i.e. the ValidationData required from a 4S lasts only for 24 hours. This means that you have to renew the proxy every 24hrs which is kind of frustrating specially for free servers as there should be some people there who have to donate their keys everyday.
But now one of the founders of ‘The Three Little Pigs Server’ tweeted that he has found an exploit in the Siri protocol which will allow him to create multiple ValidationData with a single iPhone 4S!
@jmmykane9 explains how the process works:
Every time an iDevice uses Siri for the first time or creates a new assistant in apple database, guzzoni replies with a property validityDuration that tells for how long the generated validation data from the iDevice are valid.
Default reply on this by apple is: 90000 sec = 25h!!!
So response from apple is:
And we just change the validityDuration to whatever we please.
By changing the validityDuration to another value, say 15 seconds, the ValidationData will be renewed every time you use Siri and the keys are older than 15 seconds.
jimmykane9 has already added the exploit to the experimental tree of The Three Little Pigs server. In order to use the exploit, you need a jailbroken iPhone 4S:
- Edit the config.yml file of your SiriProxy and set regenerate_interval to the time after which the iPhone4S should generate new ValidationData. A good value is 15 seconds (default is 90000 seconds)
- On your iPhone 4S, delete /var/mobile/Library/Preferences/com.apple.assistant.plist
- Connect to the server and make a request. You should see something like -> "[Exploit - SiriProxy] Command send to iPhone4S to regenerate multiple keys every 15 seconds”
- Done. Wait 15 seconds and use Siri again! You should have another key in your DB
- Repeat as many times you want!
- To restore just delete the assistant.plist.
Jimmykane9 also said that this can probably also be integrated into the assistant.plist directly, but he hasn’t tested it yet.
We can’t verify if this process of generating multiple validationData with one iPhone 4S actually works, but if it does, we could see a dramatic increase in free SiriProxy servers, because you could basically use one iPhone 4S to get thousands of older devices connected to Siri’s servers.
But even if this works without any issues, we have to keep in mind that Apple might fix this exploit, as it looks like they are now actively fighting against Spire and SiriProxies.
Let me know what you guys think about this in the comments section below.
If you found this post useful hit the +1 (recommend) button.