Jump to content

An iOS bug in AirDrop let anyone temporarily lock-up nearby iPhones


NelsonG

Recommended Posts

Apple has fixed a bug in iOS 13.3, out today, which let anyone temporarily lock users out of their iPhones and iPads by forcing their devices into an inescapable loop.

Kishan Bagaria found a bug in AirDrop, which allows users to share files between iOS devices. He found the bug let him repeatedly send files to all devices able to accept files within wireless range of an attacker.

When a file is received, iOS blocks the display until the file is accepted or rejected. But because iOS didn’t limit the number of file requests a device can accept, an attacker can simply keep sending files again and again, repeatedly displaying the file accept box, which causes the device to get stuck in a loop.

Using an open-source tool, Bagaria could repeatedly send files again and again to not only a specific target in range, but to any device set to accept files within wireless range.

airdrop.gif

A demonstration of an “AirDoS” attack (Image: Kishan Bagaria/supplied)

Bagaria calls the bug “AirDoS,” the latter part is short for “denial-of-service,” which effectively denies a user access to their device.

Devices that had their AirDrop setting set to receive files from “Everyone” were mostly at risk. Turning off Bluetooth would effectively prevent the attack, but Bagaria said that the file accept box is so persistent it’s near-impossible to turn off Bluetooth when an attack is under way.

The only other way to stop an attack? “Simply run away,” he said. Once a user is out of wireless range of the attacker, they can turn off Bluetooth.

“I’m not sure how well this’d work in an airplane,” he joked.

Apple fixed the bug by adding a rate-limit that prevents a barrage of requests over a short period of time. But because the bug wasn’t strictly a security vulnerability, Apple said it would not issue a common vulnerability and exposure (CVE) score, typically associated with security-related issues, instead “publicly acknowledge” Bagaria’s findings in the security advisory.

Techcrunch?d=2mJPEYqXBVI Techcrunch?d=7Q72WNTAKBA Techcrunch?d=yIl2AUoC8zA Techcrunch?i=CfV9nqVFdxE:SHm38TANzRI:-BT Techcrunch?i=CfV9nqVFdxE:SHm38TANzRI:D7D Techcrunch?d=qj6IDK7rITs
CfV9nqVFdxE

View the full article

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Our picks

    • Wait, Burning Man is going online-only? What does that even look like?
      You could have been forgiven for missing the announcement that actual physical Burning Man has been canceled for this year, if not next. Firstly, the nonprofit Burning Man organization, known affectionately to insiders as the Borg, posted it after 5 p.m. PT Friday. That, even in the COVID-19 era, is the traditional time to push out news when you don't want much media attention. 
      But secondly, you may have missed its cancellation because the Borg is being careful not to use the C-word. The announcement was neutrally titled "The Burning Man Multiverse in 2020." Even as it offers refunds to early ticket buyers, considers layoffs and other belt-tightening measures, and can't even commit to a physical event in 2021, the Borg is making lemonade by focusing on an online-only version of Black Rock City this coming August.    Read more...
      More about Burning Man, Tech, Web Culture, and Live EventsView the full article
      • 0 replies
    • Post in What Are You Listening To?
      Post in What Are You Listening To?
    • Post in What Are You Listening To?
      Post in What Are You Listening To?
    • Post in What Are You Listening To?
      Post in What Are You Listening To?
    • Post in What Are You Listening To?
      Post in What Are You Listening To?
×
×
  • Create New...