A bug which let anyone block your iPhone

Recently Apple managed to fix a pretty annoying bug, which let literally anyone temporarily lock another person’s iPhone or iPad.

Znalezione obrazy dla zapytania airdrop

Kishan Bagaria found that bug in AirDrop, which is an ad-hoc service, which allows its users to quickly transfer files between devices over Wi-Fi or Bluetooth without using a mass storage device. AirDrop supports iOS and macOS operating systems and was first introduced as one of the new features in Mac OS X Lion and iOS7.

So how this bug actually worked? Using an open-source tool, Bagaria could repeatedly send files again and again to all of the devices that were present in his wireless range (and had their AirDrop set to receive files from “everyone”).

But why sending so many files can be a problem for the recipient? Well, when an AirDrop file is received, iOS automatically blocks the whole display of the device (so once you are under attack you can’t even turn Bluetooth off) until its user accepts or rejects the following file. The bug occurred due to the fact that Apple didn’t set a limit for requests for a device, so a potential attacker could keep sending files infinitely, which resulted in creating a loop, where the user had to keep rejecting the files over and over again.

So what was the only way to escape from the attack? Bagaria said, that the only possibility was to run away. Once an attacked user was no more within the wireless range of an attacker, he/she was able to turn off Bluetooth to prevent further attacks.

Apple fixed that hilarious bug by simply setting a limit of requests over a short period of time. So once you update your iOs to 13.3 version, there is no need to worry about getting your phone blocked when your Bluetooth is turned on or when you are connected to public Wi-Fi!

Sources:

https://techcrunch.com/2019/12/10/ios-airdrop-lock-up-iphones/

The following two tabs change content below.
Avatar

Kalemba Kuba

Avatar

Latest posts by Kalemba Kuba (see all)

Leave a Reply