I find the idea of remotely turning an iPhone into a bug quite scary, and wonder when we'll first see a public attack of this nature.
But this feature does literally nothing to aid such an attack∗; it just makes the long-existing threat more obvious. As implemented, it doesn't send data to the server until the trigger phrase is detected, at which point it plays a conspicuous tone. To make it do more than that, you need to hack or modify the firmware, which would also let you implement the same thing on an older iPhone.
(I'd like to see an assistant that doesn't require data to be sent in the first place, but that's basically a separate issue.)
∗ okay, whatever hardware performs the trigger phrase detection with low power consumption could probably be reprogrammed by a hacked firmware to detect some other phrase, making a bug slightly more powerful... but that's pretty minor.
But this feature does literally nothing to aid such an attack∗; it just makes the long-existing threat more obvious. As implemented, it doesn't send data to the server until the trigger phrase is detected, at which point it plays a conspicuous tone. To make it do more than that, you need to hack or modify the firmware, which would also let you implement the same thing on an older iPhone.
(I'd like to see an assistant that doesn't require data to be sent in the first place, but that's basically a separate issue.)
∗ okay, whatever hardware performs the trigger phrase detection with low power consumption could probably be reprogrammed by a hacked firmware to detect some other phrase, making a bug slightly more powerful... but that's pretty minor.