- Apple fixes iOS bug that allowed a single Flipper Zero to launch denial-of-service attacks against every iPhone in its radius.
- Contrary to media hype, Flipper Zero isn’t the origin of the BLE packet attack.
Apple closed the Flipper Zero loophole, preventing disruptive pop-up floods. While media sensationalized it as a “super special hacking tool,” underlying vulnerabilities extend beyond Flipper.
Apple closed the loophole
In a discreet move, Apple has successfully closed the door on an exploit that allowed Flipper Zero devices to flood nearby iPhones with pop-up notifications, effectively rendering them unusable and requiring a reboot.
Flipper Zero, a tiny piece of hardware, had a unique ability to interact with digital systems in real life. It evolves and grows as users explore different access control systems, RFID, radio protocols, and debug hardware via GPIO pins, aiming to bring together all the necessary hardware tools for on-the-go exploration and development, providing a convenient and enjoyable experience.
The denial-of-service (DoS) capability, which is not native to the Flipper Zero but requires the Xtreme third-party firmware, allowed users to flood iPhones within a 30-foot radius with pop-up notifications.
While this attack affected Android and Windows devices, it proved particularly effective against Apple devices. With an extended range, facilitated by a larger antenna, the potential for disruption increased to 50 feet or more.
In terms of iOS updates, the latest version, iOS 17.2, addresses the Flipper Zero exploit and prevents iPhones from being flooded with pop-up notifications. Apple’s commitment to security is further emphasized in the upcoming iOS 17.3, which is touted to introduce a number of anti-theft features.
The misconception of a “super special hacking tool”
Recent media coverage has sensationalized Flipper Zero as a “super special hacking tool”, leading to its banning in some places. However, it’s important to cut through the hype and realize that Flipper Zero’s internals consist of common and easily accessible radios, making it a conveniently packaged device rather than an extraordinary tool.
Contrary to the media narrative, the Flipper is not the originator of the BLE packet spoofing attack. In fact, the attack method used to flood nearby iPhones with pop-up notifications didn’t even come from the Flipper itself.
A look at the AppleJuice project on GitHub shows that similar scripts can be run on a Linux machine with an internal Bluetooth card or a USB Bluetooth adapter, without the need for the Flipper device. The key to executing this attack lies in the ability to send crafted BLE packets, a capability not exclusive to the Flipper.
This raises the question: Is it fair to single out the Flipper as a “super special hacking tool” when the underlying vulnerability is not specific to this device? Rather than sensationalizing the Flipper, discussions should focus on the wider implications of BLE packet crafting attacks and the need for comprehensive security measures.