iPhones could be compromised remotely and their data read out: the security hole was huge, but the danger has been averted. Once again, the Project Zero team has shown what it can do.
The scale of this security hole was alarming: all that was required to access an iPhone was for its WiFi to be switched on. The attacker could reach any device within range, which normally means the distances typically covered by a WLAN. With suitable antennas, however, access is possible from far greater distances. And this iOS bug was no trivial matter: the user had no way of noticing the attack.
The attack was discovered by Ian Beer, who works for Google’s Project Zero and describes the problem in a blog post. Because the vulnerability in iOS was so severe, the Google engineers had kept silent until now and had not made the details of the vulnerability public.
iOS has long been secure
Exploiting this hole, Ian Beer was able to steal photos from iPhones in neighboring rooms within a few minutes. He was also able to make the devices restart constantly; Beer demonstrated that his setup works in various videos.
The hole has been closed since iOS 13.5. It was in AWDL, a network protocol developed by Apple and used by its own devices. AWDL allows connections between different Apple devices and has been the subject of security concerns before. In this case, Apple failed to protect AWDL with encryption. Users cannot actively switch AWDL on or off; as a rule, they do not even know it exists.