You can turn your Bluetooth on again! A few months ago, an engineer with a Flipper Zero showed off an exploit that could potentially lock down iPhones, and Apple has finally put out a fix with iOS 17.2.
As originally reported by ZDNET, you can no longer cause iPhones to crash by spamming Bluetooth notifications, though the first few pop-ups will still occur – reducing a major exploit to a minor annoyance. This exploit wasn’t technically exclusive to the relatively niche multi-tool, as originally confirmed to iMore by Flipper itself: ‘It’s important to highlight this is impossible on the default hardware. We have taken necessary precautions to ensure the device can’t be used for nefarious purposes. Since the firmware is open source, individuals can adjust it and use the device in an unintended way, but we don’t promote this and condone the practice if the goal is to act maliciously.
Potentially, one could repurpose an Android phone with custom firmware or any Arduino-like device with BLE capabilities to do the same. This is why we agree with the researcher that Apple should implement safeguards and eliminate the problem at its core.’
Keeping to its word – iMore’s take
Apple claims to take the security and privacy of its devices seriously, and steps like these are important to back that up. We at iMore have known about this issue since the start of September, which puts the rollout of this change at about three months. This is still a significant period of time, and we have seen a major iOS rollout with iOS 17 and two smaller ones since then, but a definitive fix like this is important and it’s good to see it addressed.
iOS 17.3 seems set to continue in this same vein with a security feature to stop thieves who have stolen your phone. It’s been a long time coming, but it’s great to see protections like these rolling out on Apple devices.