this post was submitted on 19 Dec 2023
24 points (100.0% liked)

Flipper Zero

429 readers
1 users here now

Flipper Zero is a portable Tamagotchi-like multi-functional device developed for interaction with access control systems. The device is able to read, copy, and emulate radio-frequency (RFID) tags, radio remotes, iButton, and digital access keys, along with a GPIO interface.

Rules

  1. Don't do unto others what you don't want done unto you.
  2. No Porn, Gore, or NSFW content. Instant Ban.
  3. No Spamming, Trolling or Unsolicited Ads. Instant Ban.
  4. Stay on topic in a community. Please reach out to an admin to create a new community.

founded 2 years ago
MODERATORS
 

Apple has finally closed off the ability of the Flipper Zero pen-testing tool to flood iPhones with so many popups that the handset would lock up and require a reboot.

The attack required a Flipper Zero running the Xtreme third-party firmware. Then, using the built-in BLE Spam app, the Flipper Zero could cause a flurry of popups to appear on an iPhone, eventually resulting in iOS locking up.

Put another way, it could perform a denial of service (DoS) attack on any and all iPhones within a 30-foot radius of the attacker.

The Flipper Zero app could also be used to target Android and Windows devices, although with less extreme results.

Well, this trick has come to an end with iOS 17.2. ZDNET has pitted the latest Xtreme firmware on the Flipper Zero against iPhones running iOS 17.2, and it seems that Apple has put a mechanism in place to prevent popups flooding the devices.

While a few popups do still appear, which is annoying and could cause some users confusion, the neverending stream that would deluge the iPhone has been cut off.

top 5 comments
sorted by: hot top controversial new old
[–] [email protected] 7 points 11 months ago

I can't imagine how many dozens of people this is going to affect.

[–] snowdrop 2 points 11 months ago

....for now!

[–] [email protected] 2 points 11 months ago

More like "Apple only fixes flaws when they're openly exploited".

[–] [email protected] 2 points 11 months ago

I’ve been on 17.2 Beta for a hot minute and I can still spam my phone

[–] [email protected] 1 points 11 months ago

Looks like our dreams/nightmares of Watch_Dogs are still not here yet lol