iOS 17.1 update still no defense against Flipper Zero iPhone crashes

iPhone 14 Pro Max running iOS 17.1 crashed in under three minutes with a Flipper Zero

My iPhone 14 Pro Max running iOS 17.1 crashed in under three minutes with a Flipper Zero

Adrian Kingsley-Hughes/ZDNET

All eyes are on iOS 17.1 to fix a raft of iPhone issues, from the overheating problems that made iPhones almost too hot to touch (early reports are positive here), that odd screen burn-in problem that wasn’t burn-in (yes, that one seems fixed), to the more obscure nighttime rebooting bug (jury is out on this one). But there’s one bug that I’ve been asked about more than any other.

Can you still crash an iPhone with a Flipper Zero?

Ummm, yes.

Also: Flipper Zero: Geeky toy or serious security tool?

The image above might leave the impression that the Flipper Zero needs to be placed right beside the iPhone in order to crash it. But it doesn’t. While taking this photo I also inadvertently crashed my iPad Pro that was in another room.

In fact, I’ve tested the range of this attack and I find that it is effective out to a radius of 20 to 30 feet, depending on how open the space is.

And if you take a modern office space, coffee shop, train station, or airport, you can get a lot of iPhones in that small space.

It takes about three minutes for a BLE Spam lockup crash Flipper Zero attack — which requires third-party software to be loaded onto the Flipper Zero — to reboot an iPhone. Before that three-minute mark, however, the handset can become unresponsive to touch inputs and other Bluetooth devices connected to the iPhone can be forced to disconnect and reconnect. 

A BLE Spam lockup crash Flipper Zero attack isn't dangerous either in terms of damaging hardware or delivering a malicious payload, but it is annoying when the iPhone becomes unresponsive

A BLE Spam lockup crash Flipper Zero attack isn’t dangerous either in terms of damaging hardware or delivering a malicious payload, but it is annoying when the iPhone becomes unresponsive

Adrian Kingsley-Hughes/ZDNET

It’s important to note that while the Flipper Zero doesn’t drop malware onto the iPhone or cause any sort of permanent damage, this is a frustrating DoS (denial of service) attack that can cause a user great distress or make them think their iPhone is defective. 

Also: How to use iPhone’s Security Keys feature to protect your Apple ID

What’s your defense? The only defense I can offer is this: If you notice your iPhone doing something strange, disable Bluetooth — which you can do one of two ways. One, go into the Control Center and disable it there. (With this method Bluetooth only stays off until the next day. ) Or, go into Settings > Bluetooth and flip the toggle there. Then restart the device, because my testing suggests that iPhones get a little flaky after this and benefit from a reboot. 

Source Link

LEAVE A REPLY

Please enter your comment!
Please enter your name here