Siri Server Protocol Cracked; Could It Be Ported to Android?
We’ve looked at the efforts so far made towards getting Siri off the iPhone 4S and sharing its features with the likes of the iPhone 4 and 3GS. While those efforts were more about trying to move the entire Siri experience, unchanged, to a non-authorized Apple device, another group has been at work on expanding access to Siri at a more fundamental level. Now they’ve revealed the fruits of their efforts at cracking into Siri’s server protocol, in-theory opening-up the service to even non-iOS smartphones.
Analysis of the data sent to and received from the Siri servers was a bit more difficult than just sniffing a few packets, thanks to Apple using an encrypted HTTPS connection. That meant using faked certificates to establish communication with their own server, masquerading as Siri’s, and analyzing data sent from the iPhone 4S.
It turns out that Siri voice samples are sent to Apple for analysis after compression with a VoIP codec, then further compressed and tagged all over with a unique ID tied to your iPhone 4S. Knowing all this, the group was able to send recordings to the Siri server and receive back its analysis, without any use of an iPhone at all. The returned analysis contains quite a lot of data, including a breakdown of each word in the recording, along with Siri’s probability estimates at having made a correct guess.
The pieces are in place to create Siri-like apps, using Apple’s Siri server, on other platforms now, but there’s still the issue of that unique ID. Any published IDs are likely to be banned, so you’ll probably need a 4S of your own to make use of any such ports that end up being released.