I need someone to explain this to me.

Siri proxy adds tons of functionality, doesn’t require a jailbreak

siri-proxy

[Pete] has an iPhone 4s and loves Siri, but he wishes she had some more baked-in capabilities. While the application is technically still in beta and will likely be updated in the near future, [Pete] wanted more functionality now.

Since Apple isn’t known for their open architecture, he had to get creative. Knowing how Siri’s commands are relayed to Apple thanks to the folks at Applidium, he put together a proxy server that allows him to intercept and work with the data.

The hack is pretty slick, and doesn’t even require a jailbreak. A bit of DNS and SSL trickery is used to direct Siri’s WiFi traffic through his server, which then relays the commands to Apple’s servers for processing. On the return trip, his server interprets the data, looking for custom commands he has defined.

In the video below, he gives a brief overview of the system, then spends some time showing how he can use Siri to control his WiFi enabled thermostat. While the process only works while Siri is connected to his home network via WiFi, it’s still pretty awesome.

Comments

  1. 9a3eedi says:

    This is pretty awesome.. too bad it requires having to have it running under a proxy rather than just editing an XML file or something.

  2. MattBennett says:

    I wonder…. If your able to man-in-the-middle siri servers like that. I wonder how hard it would be to trick the servers into using the IRIS port of Siri using a thin layer..

  3. Anonymous says:

    Pretty cool. All you need now is WiFi control over the fridge, lights, and maybe some more ;)

  4. goldscott says:

    Very awesome. I’d love “Siri” to be on all my devices.

    Right now on my laptop I’m using the Mac’s “speech recognition” tool (which should be updated to Siri).

  5. Nemis says:

    trick ssl without jailbreak ?!!

  6. Olek says:

    Does it mean, that anyone who have an access to hosts relaying Siri’s communication with Apple servers can “read” what I have said (e.g. boss, wife, ISP) ??

    • AP² says:

      No! They need to manually, physically install a root certificate in your phone, or Siri won’t accept the proxy’s certificate and fail to connect. This is NOT a security hole.

      Please read step 2 in the “Setup Instructions”.

  7. zingbat says:

    Pretty cool. But makes me worry about implementing this.

    How soon before Apple puts out an update to the Siri protocol and breaks this thing?

  8. somebody says:

    its SpeakToIt hacking time :D
    (i just want siri to my android)

  9. BrainSlugs83 says:

    So, in other words, anyone running a WAP can spy on your conversation with Siri? Thanks Apple!

    • yunoread says:

      Between you and Olek, the lack of actually taking the time to read the guy’s site makes me want to cry.

      Yes, anyone with a WAP can spy on my SIRI conversation, providing they jigger with DNS AND if I happen to install the self-signed SSL cert they have created on my phone ahead of time.

      Seriously people RTFA.

    • Smulders says:

      If you connect to my WAP, I can see every single bit you send. This has nothing to do with Apple.

    • AP² says:

      No! Siri checks to see if the proxy has a valid certificate for the server. The only way they can bypass it is because they manually, physically installed a root certificate they control on the phone.

      Unless you physically give your phone to some stranger, the HTTPS connection will fail and Siri won’t be able to connect.

  10. Jonathon says:

    Where are all the cool android hacks?

    And as the previous commentor said, where is a hack for Speak to It assistant?

  11. Dude… yeah… pretty FREAKING cool if you ask me. Great job on this! Thank you for sharing your progress.

  12. Inburst says:

    I have a voice automated house and I was pissed I had to run mics everywhere so I could just talk in every room. This is EXACTLY what I need. Thanks man! Great work!

  13. Matt says:

    You could totally run Juniper pulse vpn on the iPhone and access from anywhere via 3g/vpn would be very cool! Awesome Job!

  14. ejonesss says:

    might not require jailbreak but may require udid registration as part of the $99 developer kit.

  15. Vinicios says:

    Still work?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s