* Access your contact lists (and phone numbers / addresses / etc)
* Access calendar details (and delete them)
* Make phone calls / SMSs
* Send e-mails to contacts
* Change the name which Siri calls you
* Change alarms / reminders
This, by itself, is a siri-ous security flaw (sorry, had to), but what’s more interesting is that a corresponding flaw in iPad 2’s that use Smart Covers has also been discovered – which allows bypassing the passcode altogether (http://9to5mac.com/2011/10/20/anyone-with-a-smart-cover-can-break-into-your-ipad-2/). Not something that can be sneezed at.
No doubt Apple will be releasing patches (eventually) to address these issues, but what’s ultimately concerning is that in their meticulous approach, this was an intentional choice, placing convenience over security (also see Mac OS LDAP). I’m sure those who have been following them may have begun to identify a trend in their design decisions.
Speaking of Siri, enterprising developers have created a Siri clone called Iris, in 8 hours. Available free on the Marketplace (https://market.android.com/details?id=com.dexetra.iris), based on similar. Iris is rough and lacking polish, but on the right track. That basically sums up the whole situation, I think.