Yesterday I was watching Tim Cook announce the new iPhone 6s. My iPhone happened to be plugged in at the time, so when Time said “Hey Siri”, my phone came alive and started processing everything he was saying.

Now imagine that same scenario one year from now when half the audience has iPhone 6s’s with always-on Hey Siri functionality…

That got me thinking that this could potentially be a new attack vector for iOS penetration.  I’m not saying it would be easy to discover, but you could imagine a bug in Siri where you would play some synthesized sounds after Hey Siri and the phone crashes, or worse.

Even without such nefarious intentions or technical capabilities, always-on Hey Siri is a dream for every prankster with a megaphone.

Update: Now that I’ve had the chance to actually test out iOS 9 it’s pretty obvious that Apple’s engineers have thought this through.  “Hey Siri” was changed to respond only to your own voice.