Apple has finally closed off the ability of the Flipper Zero pen-testing tool to flood iPhones with so many popups that the handset would lock up and require a reboot.

The attack required a Flipper Zero running the Xtreme third-party firmware. Then, using the built-in BLE Spam app, the Flipper Zero could cause a flurry of popups to appear on an iPhone, eventually resulting in iOS locking up.

Put another way, it could perform a denial of service (DoS) attack on any and all iPhones within a 30-foot radius of the attacker.

The Flipper Zero app could also be used to target Android and Windows devices, although with less extreme results.

Well, this trick has come to an end with iOS 17.2. ZDNET has pitted the latest Xtreme firmware on the Flipper Zero against iPhones running iOS 17.2, and it seems that Apple has put a mechanism in place to prevent popups flooding the devices.

While a few popups do still appear, which is annoying and could cause some users confusion, the neverending stream that would deluge the iPhone has been cut off.

  • TWeaK@lemm.ee
    link
    fedilink
    English
    arrow-up
    3
    ·
    11 months ago

    More like “Apple only fixes flaws when they’re openly exploited”.