Apple's Delay in Addressing the Security Vulnerability in the Latest iOS Beta
Back in September, an iPhone user reported a security issue that could render an iPhone unusable with nothing but a Flipper Zero multitool and some creativity. Now, months later, Apple has still not addressed the issue in any fashion, sparking concerns. Essentially, someone with the technical know-how could use the Flipper Zero to repeatedly trigger the AirPods Bluetooth connection prompt on the screen and lock down a device. As 9to5Mac has pointed out, the iOS 17.2 beta does nothing to rectify this.
As of right now, the attacking device needs to be quite close to the iPhone, and turning off Bluetooth entirely can stop it, but this flaw could be exploited by users who know how to do worse. To protect yourself fully, you must turn off Bluetooth from Settings; doing so from the Control Center doesn’t work.
The Flipper Zero is not the only device capable of spoofing a Bluetooth notification, so it’s a problem Apple will have to fix internally to eliminate the threat for good. Perhaps a solution such as disabling Bluetooth after a handful of pings in a row or only allowing trusted devices to ping multiple times could be a software-based fix in a future version of iOS.
Apple didn’t respond to a request for comment when the issue was first raised in September.
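The software-side fix suggested above (cap repeated prompts, exempt trusted devices) can be sketched as follows. This is an added example, not Apple's code or anything from the original article; `PromptLimiter`, its thresholds and the device identifiers are hypothetical, and it mutes prompts rather than disabling Bluetooth. It assumes a trusted identifier is one established during an earlier pairing.

```python
from collections import deque

class PromptLimiter:
    """Decides whether a proximity-pairing prompt may be shown (hypothetical)."""

    def __init__(self, max_prompts=3, window_s=60.0, cooldown_s=300.0):
        self.max_prompts = max_prompts   # untrusted prompts allowed per window
        self.window_s = window_s
        self.cooldown_s = cooldown_s     # mute period once the budget is spent
        self.trusted = set()             # identifiers of already-paired devices
        self._shown = deque()            # times untrusted prompts were shown
        self._muted_until = 0.0

    def allow(self, device_id, now):
        # Already-paired devices are exempt from the budget.
        if device_id in self.trusted:
            return True
        if now < self._muted_until:
            return False
        # Drop timestamps that have aged out of the sliding window.
        while self._shown and now - self._shown[0] >= self.window_s:
            self._shown.popleft()
        # The budget is shared by ALL untrusted senders: an advertised
        # identifier is not authenticated, so per-sender counters would
        # never trip when every request claims a new identity.
        if len(self._shown) >= self.max_prompts:
            self._muted_until = now + self.cooldown_s
            self._shown.clear()
            return False
        self._shown.append(now)
        return True

def simulate(events, limiter):
    """Run (time, device_id) events through the limiter, in order."""
    return [limiter.allow(dev, t) for t, dev in events]

# Constructed sample: a burst of prompts from ever-changing identifiers,
# one prompt from a paired device mid-burst, one unknown device much later.
SAMPLE_EVENTS = [(0, "a0"), (2, "a1"), (4, "a2"), (5, "my-airpods"),
                 (6, "a3"), (8, "a4"), (10, "my-airpods"), (400, "a5")]

def run_sample():
    limiter = PromptLimiter()
    limiter.trusted.add("my-airpods")
    return simulate(SAMPLE_EVENTS, limiter)

if __name__ == "__main__":
    print(run_sample())
```

The first three unknown prompts are shown, the rest of the burst is suppressed while the paired device still gets through, and unknown devices are accepted again once the cooldown has passed.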