this post was submitted on 19 Dec 2023
24 points (100.0% liked)

Flipper Zero

429 readers
1 users here now

Flipper Zero is a portable Tamagotchi-like multi-functional device developed for interaction with access control systems. The device is able to read, copy, and emulate radio-frequency (RFID) tags, radio remotes, iButton, and digital access keys, along with a GPIO interface.

Rules

  1. Don't do unto others what you don't want done unto you.
  2. No Porn, Gore, or NSFW content. Instant Ban.
  3. No Spamming, Trolling or Unsolicited Ads. Instant Ban.
  4. Stay on topic in a community. Please reach out to an admin to create a new community.

founded 2 years ago
MODERATORS
 

Apple has finally closed off the ability of the Flipper Zero pen-testing tool to flood iPhones with so many popups that the handset would lock up and require a reboot.

The attack required a Flipper Zero running the Xtreme third-party firmware. Then, using the built-in BLE Spam app, the Flipper Zero could cause a flurry of popups to appear on an iPhone, eventually resulting in iOS locking up.

Put another way, it could perform a denial of service (DoS) attack on any and all iPhones within a 30-foot radius of the attacker.

The Flipper Zero app could also be used to target Android and Windows devices, although with less extreme results.

Well, this trick has come to an end with iOS 17.2. ZDNET has pitted the latest Xtreme firmware on the Flipper Zero against iPhones running iOS 17.2, and it seems that Apple has put a mechanism in place to prevent popups flooding the devices.

While a few popups do still appear, which is annoying and could cause some users confusion, the neverending stream that would deluge the iPhone has been cut off.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 10 months ago

More like "Apple only fixes flaws when they're openly exploited".