

Proxy server for Siri - friggeri
https://github.com/plamoni/SiriProxy

======
SeoxyS
I'm actually wondering if it'd be possible to get this to work over 3G without
jailbreaking. Can somebody smarter than me tell me if this would work:

\- Installing root CA. \- Setting up the proxy on ec2 instance. \- Setting up
a custom DNS server on that instance, to override the Siri domain. \- Setting
up the iPhone to use that DNS server, or if not possible, setting it up to use
a VPN and through the custom DNS.

And the end result is a Siri that always works and that you can use to run
code on an ec2 instance. You'd be able to hook it up to third parties APIs,
like Twitter or Facebook.

~~~
yusefnapora
I've been trying to figure this out too... I think the VPN is the only way to
get it working over 3g, as there's no way to override the DNS on the cell
connection. Thanks for that idea, VPN hadn't occurred to me! I'm going to give
it a shot; I'll report back if successful.

Edit: Success! I'm not running it on EC2 yet, just my home network. Basically
I've got dnsmasq on my router redirecting guzzoni.apple.com to my home
fileserver with SiriProxy running. The router is also running a PPTP VPN
server. I can use the VPN over 3g to make Siri requests and see the output on
my local machine. Thanks again for the VPN idea; that's gold. Next step - to
the cloud!

~~~
johnbatch
You can also setup an APN Proxy using the iPhone Configuration Utility.

~~~
yusefnapora
Oh, awesome. Thanks!

------
icebraining
Uhm, running a Ruby script as root? No...

If you're running it on Linux, use iptables to redirect the port to something
you can use without root: [http://www.cyberciti.biz/faq/linux-port-
redirection-with-ipt...](http://www.cyberciti.biz/faq/linux-port-redirection-
with-iptables/)

~~~
btucker
I'm all for avoiding running things as root, but what does it being written in
Ruby have to do with it?

~~~
xtacy
It probably has a greater attack surface that can be exploited. The advantage
of iptables is that it does the barest minimum at a high privilege level:
<http://en.wikipedia.org/wiki/Principle_of_least_privilege>

~~~
igorhvr
Beware that there is no consensus that this is a good thing.

From Daniel Bernstein(qmail creator) at
<http://cr.yp.to/qmail/qmailsec-20071101.pdf>

"I have become convinced that this “principle of least privilege” is
fundamentally wrong. Minimizing privilege might reduce the damage done by some
security holes but almost never ﬁxes the holes. Minimizing privilege is not
the same as minimizing the amount of trusted code, does not have the same
beneﬁts as minimizing the amount of trusted code, and does not move us any
closer to a secure computer system."

~~~
russelldavis
There's no consensus that "reducing the damage done by some security holes" is
a good thing? Bernstein mentions it as a distraction (which may be true), but
it's better than doing nothing.

------
klapinat0r
Can anyone explain to me how does relaying in a proxy like this work?

Since you're not tampering with the iPhone's hosts file, and use, let's say,
your home PC for handling the guzzoni.apple.com dns + CA for level certs.. I'm
wondering how you send the request to the actual guzzoni.apple.com? I mean, if
you do $ curl -s <https://guzzoni.apple.com> on the home PC, it would respond
with the localhost server as you've rerouted it to 127.0.0.1 in the home PC's
hosts file - or am I missing something here?

Should I use two PC's, one for handling the iPhone interaction, and one as
"backbone" which can reach the real guzzoni.apple.com?

Or am I suppose to run a dns service which responds <internal ip of home PC>
for SOME devices, but real dns for others (e.g. home PC)?

~~~
ivank
As the page says,

    
    
      make sure that computer is not using your DNS server!
    

So, your iPhone uses your special DNS server, while your computer doesn't.

------
roblund
This is pretty neat. You could potentially link Siri up with all kinds of
crazy stuff.

"Siri start my truck" "Siri feed the dog"

~~~
TeeOff
You mean "Siri charge my leaf" and "Siri trurn on heating in my leaf"? They'r
coming this christmas, when I get my Nissan Leaf :)

------
joshbaptiste
Twisted implementation: <https://github.com/wrboyce/sirious>

------
wslh
I am waiting for the standalone one. Without using an iPhone.

Probably in less than one month will be available.

~~~
wallflower
Apple will probably lock down the protocol if that happens. They're not
Google, giving away search for free.

~~~
icebraining
There is only so much they can do to lock it down; like all DRM, the system is
inherently insecure since the client can't be trusted.

In any case, I don't see why would they care unless more than one person
starts using the same UUID. If you bought an iPhone to use the service, they
already got the money.

~~~
mortenjorck
That is one way of looking at it. Consider the hardware your ticket to Siri,
and as long as you don't place abnormal demand on the service, there's really
no reason Apple should care.

------
deepkut
Pretty neat, nice work.

------
w1ntermute
Before we know it, someone will have made an app that fully integrates Siri
into the Android workflow.

~~~
tobylane
Why would Android (3rd party developers) want to be so obviously using Apple's
hard work? In the middle of a patent trial? I'd expect all the big markets to
not allow the app.

~~~
w1ntermute
> Why would Android (3rd party developers) want to be so obviously using
> Apple's hard work?

Unlike iOS develoeprs, Android developers are not a homogenous group with a
single vision. They are a diverse group of people, and there will no doubt be
someone amongst them who will make such an app.

> In the middle of a patent trial?

I don't see the relevance of "a patient trial" to a 3rd party developer
unaffiliated with Google making an app to harness Siri on Android.

> I'd expect all the big markets to not allow the app.

Fortunately, unlike iOS, Android doesn't suffer from a locked down app
installation procedure that prevents sideloading. So the developer could just
offer the .apk file on his site for all and sundry to download and use.

~~~
chrisdroukas
What's the legality of distributing an app like that, though?

~~~
w1ntermute
I(ANAL) can't think of any laws being violated, can you?

~~~
tobylane
Using Apple's server processing that they don't even want to offer to the
current ipod touch?

~~~
w1ntermute
Unless user-based authentication is necessary to use Siri (and the unofficial
version "breaks into" the Siri servers), I don't see how this is any different
from a website saying you can only use one browser to access the site, and you
choosing to use another.

However, IANAL, and I would definitely wait for at least a few weeks after
release before trying it out myself.

