Siri proxy adds tons of functionality, doesn’t require a jailbreak

posted Nov 21st 2011 10:01am by Mike Nathan
filed under: iphone hacks

siri-proxy

[Pete] has an iPhone 4s and loves Siri, but he wishes she had some more baked-in capabilities. While the application is technically still in beta and will likely be updated in the near future, [Pete] wanted more functionality now.

Since Apple isn’t known for their open architecture, he had to get creative. Knowing how Siri’s commands are relayed to Apple thanks to the folks at Applidium, he put together a proxy server that allows him to intercept and work with the data.

The hack is pretty slick, and doesn’t even require a jailbreak. A bit of DNS and SSL trickery is used to direct Siri’s WiFi traffic through his server, which then relays the commands to Apple’s servers for processing. On the return trip, his server interprets the data, looking for custom commands he has defined.

In the video below, he gives a brief overview of the system, then spends some time showing how he can use Siri to control his WiFi enabled thermostat. While the process only works while Siri is connected to his home network via WiFi, it’s still pretty awesome.

Comments [21]

tagged: dns, home automation, iPhone 4s, proxy, siri, ssl

21 Responses to Siri proxy adds tons of functionality, doesn’t require a jailbreak

9a3eedi says:

November 21, 2011 at 10:06 am

This is pretty awesome.. too bad it requires having to have it running under a proxy rather than just editing an XML file or something.

Reply Report comment

MattBennett says:

November 21, 2011 at 10:46 am

I wonder…. If your able to man-in-the-middle siri servers like that. I wonder how hard it would be to trick the servers into using the IRIS port of Siri using a thin layer..

Reply Report comment

AP² says:

November 21, 2011 at 2:31 pm

The Applidium guys managed to make a request from their laptop, so that’s perfectly possible. You still need a valid iPhone/iPad UUID to connect, though.

Reply Report comment

Anonymous says:

November 21, 2011 at 11:00 am

Pretty cool. All you need now is WiFi control over the fridge, lights, and maybe some more ;)

Reply Report comment

goldscott says:

November 21, 2011 at 11:01 am

Very awesome. I’d love “Siri” to be on all my devices.

Right now on my laptop I’m using the Mac’s “speech recognition” tool (which should be updated to Siri).

Reply Report comment

Nemis says:

November 21, 2011 at 11:59 am

trick ssl without jailbreak ?!!

Reply Report comment

AP² says:

November 21, 2011 at 2:32 pm

You don’t need a jailbreak to install your own root CA cert, although you do need physical access.

Reply Report comment

Olek says:

November 21, 2011 at 12:29 pm

Does it mean, that anyone who have an access to hosts relaying Siri’s communication with Apple servers can “read” what I have said (e.g. boss, wife, ISP) ??

Reply Report comment

AP² says:

November 21, 2011 at 2:27 pm

No! They need to manually, physically install a root certificate in your phone, or Siri won’t accept the proxy’s certificate and fail to connect. This is NOT a security hole.

Please read step 2 in the “Setup Instructions”.

Reply Report comment

zingbat says:

November 21, 2011 at 12:54 pm

Pretty cool. But makes me worry about implementing this.

How soon before Apple puts out an update to the Siri protocol and breaks this thing?

Reply Report comment

somebody says:

November 21, 2011 at 12:59 pm

its SpeakToIt hacking time :D
(i just want siri to my android)

Reply Report comment

BrainSlugs83 says:

November 21, 2011 at 1:38 pm

So, in other words, anyone running a WAP can spy on your conversation with Siri? Thanks Apple!

Reply Report comment

yunoread says:

November 21, 2011 at 1:42 pm

Between you and Olek, the lack of actually taking the time to read the guy’s site makes me want to cry.

Yes, anyone with a WAP can spy on my SIRI conversation, providing they jigger with DNS AND if I happen to install the self-signed SSL cert they have created on my phone ahead of time.

Seriously people RTFA.

Reply Report comment
Smulders says:

November 21, 2011 at 1:49 pm

If you connect to my WAP, I can see every single bit you send. This has nothing to do with Apple.

Reply Report comment
AP² says:

November 21, 2011 at 2:28 pm

No! Siri checks to see if the proxy has a valid certificate for the server. The only way they can bypass it is because they manually, physically installed a root certificate they control on the phone.

Unless you physically give your phone to some stranger, the HTTPS connection will fail and Siri won’t be able to connect.

Reply Report comment
- Wizdom says:
  
  November 22, 2011 at 4:08 am
  
  I feel your frustration dude! I think these guys are only here for the videos, not sure they are actually able to read a blog.

Jonathon says:

November 21, 2011 at 1:42 pm

Where are all the cool android hacks?

And as the previous commentor said, where is a hack for Speak to It assistant?

Reply Report comment

Brett W. (FightCube.com) says:

November 21, 2011 at 4:24 pm

Dude… yeah… pretty FREAKING cool if you ask me. Great job on this! Thank you for sharing your progress.

Reply Report comment

Inburst says:

November 21, 2011 at 4:51 pm

I have a voice automated house and I was pissed I had to run mics everywhere so I could just talk in every room. This is EXACTLY what I need. Thanks man! Great work!

Reply Report comment

Matt says:

November 22, 2011 at 2:23 am

You could totally run Juniper pulse vpn on the iPhone and access from anywhere via 3g/vpn would be very cool! Awesome Job!

Reply Report comment

ejonesss says:

February 6, 2012 at 5:33 am

might not require jailbreak but may require udid registration as part of the $99 developer kit.

Reply Report comment