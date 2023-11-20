iOS 17 remains vulnerable to DoS attacks through a device known as Flipper Zero, which exploits the BLE protocol and can render an iPhone or iPad completely unusable.

iOS 17 still fails to fix an alarming bug.

You may remember when we talked about a small device capable of « breaking » iPhones last Novembre. This device is none other than the Flipper Zero, which fills Apple phones with false Bluetooth connection notifications until it forces them into an infinite loop of restarts.

It was hoped that with the arrival of iOS 17, this problem could be fixed, but as reported by 9to5Mac, the exploit that Flipper Zero takes advantage of has not been patched yet. So, what does that mean for iOS users?

What is Apple doing to solve the problem?

Well, for now, we can say that they are not doing much. Cupertino’s team has yet to acknowledge the exploit being exploited. There may be a technical reason why they haven’t done so, but there is a popular belief on the Internet that they don’t take the threat too seriously.

Flipper Zero itself is an innocent device. However, since it has an open-source firmware, it can be modified to become a device used for launching denial-of-service (DoS) attacks targeting iPhones and iPads.

Furthermore, according to a post on X (formerly Twitter) by security researcher Techryptic, Ph.D., these devices are not even safe with airplane mode on:

Flipper Zero’s attack uses a weakness in the pairing sequence of the Bluetooth Low-Energy (BLE) protocol. Apple uses various BLE technologies within its ecosystem. This protocol uses packets to identify local devices on iPhones and iPads, allowing for this type of attack to occur.

Unfortunately, there is currently no protection against this type of attack. The only thing that can be done is to disable Bluetooth if there are many pairing request notifications, but this is not a long-term solution. Additionally, Bluetooth is reactivated with each restart or iOS update.

