[modeless]

Hacks are admired here, not condemned. Reverse engineering should always be allowed. This information doesn't make it possible to DDoS Siri or port it to Android as each request requires a unique iPhone ID; Apple can easily filter out unauthorized requests.

[bodegajed]

Maybe You admire them. But I don't. Are we going to hack/crack each other's apache servers from now on? Or are we going to build businesses that will solve problems for everyone?

[jf]

A hacker is "[a] person who delights in having an intimate understanding of the internal workings of a system" and this site is called "Hacker News".

And yes, we are going to help each other improve the security of our systems. If we don't, someone malicious will.

[Volpe]

"As a result, we are able to use Siri’s recognition engine from any device. Yes, that means anyone could now write an Android app that uses the real Siri!"

Are they just lying then?

There demo said they got siri to work with no iphone involved (in the end).

Also... DDoS would still be effective, no? (the server still has to 'filter')

> Hacks are admired here

You sure about that? A lot of China-bashing happens here based around it's 'Hacking' of U.S targets, I've never seen admiration of such things.

[modeless]

They're not lying. Anyone could write an Android app that uses Siri, but it would require the ID from an iPhone to work, so distributing it would be problematic.

[bigiain]

Yeah, unless someone happened to have a huge cache of real device IDs...

http://www.readwriteweb.com/archives/dear_iphone_users_your_...

(I hope the app store magical-vetting-code is smart enough to ensure the new hit app "Somewhat Annoyed Birds" isn't capable of fishing around in the phone for the Siri ID and sending it back to the developers website along with the high score you just got...)

[jrockway]

Why would that be problematic? You write a server that provides clients with an iPhone ID that hasn't been banned from using Siri yet, and then you make the app contact that server to get the ID.

I'm sure Apple would send a nastygram, but they send nastygrams if you scratch your phone and don't get it repaired quickly enough. There is no law against telling other people your phone's serial number. There is no law against sending an HTTP request to an HTTP server for non-malicious reasons. So really, I don't see much of a legal problem.

[modeless]

Where would you get the valid IDs? You can't share the same ID between very many users, or Apple will ban it. You can't buy an iPhone for every user of your Siri app. iPhone users won't willingly give you their IDs. Are you going to somehow obtain and use the IDs of unsuspecting iPhone users without their permission? That is likely illegal and definitely will get you sued and booted from Android Market.

[jrockway]

My guess is that Apple will ban an ID after a day or two. My other guess is that you can just keygen the ID.

[skore]

You are confusing cracking and hacking.

[Volpe]

I see so, "cracking" is admired here. "hacking" condemned.

Got it! :)

[z92]

From the article:

"The iPhone 4S sends identifiers everywhere. So if you want to use Siri on another device, you still need the identfier of at least one iPhone 4S. Of course we’re not publishing ours"