Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Apple (yet again, preferring schedule over security) asked people to keep secret since August a huge security vulnerability that allowed an attacker to remotely render any nearby iPhone or iPad unusabl

3 views
Skip to first unread message

Arlen Holder

unread,
Dec 11, 2019, 12:53:15 AM12/11/19
to
FACTS:
o Dateline, today, December 10th, 2019

Yet again, Apple shipped vulnerabilities in September 'till today, that
they _knew_ about, this time, asking the reporter (see blog below) to keep
this fact a _secret_ while Apple MARKETING loudly touted the purely
"imaginary security" of the iOS 13 release!

This AirDrop vulnerability allowed an attacker to remotely render any
nearby iPhone or iPad unusable.

o AirDoS: Remotely render any nearby iPhone or iPad unusable
<https://kishanbagaria.com/airdos/>

It's fixed only in the iOS 13.3 release, shipped today, where Apple _knew_
about this security vulnerability _before_ iOS 13.0 ever shipped!

Note: Apple touts imaginary security, as always trivially easily proven.

--
Informing Apple users on this ng of the factual truth, one fact at a time.

Arlen Holder

unread,
Dec 12, 2019, 9:35:39 AM12/12/19
to
*Proof Apple has _never_ sufficiently tested iOS for vulnerabilities*
O Apple prefers to loudly ADVERTISE (purely imaginary) iOS quality

Apple hasn't spent even _five minutes_ testing for this bug since iOS 7
when Apple introduced this AirDrop AirDos vulnerability in the first place!

o If You Don't Update To Apple iOS 13.3 You Could Get Locked Out Of Your iPhone
<https://www.forbes.com/sites/daveywinder/2019/12/11/if-you-dont-update-to-apple-ios-133-you-could-get-locked-out-of-your-iphone/>

"a security researcher by the name of Kishan Bagaria uncovered a bug in the
AirDrop file transfer feature *that was introduced in iOS 7*"

Arlen Holder

unread,
Dec 12, 2019, 10:14:45 AM12/12/19
to
FACTS:
o An iOS bug in AirDrop let anyone temporary lock-up nearby phones
<https://techcrunch.com/2019/12/10/ios-airdrop-lock-up-iphones/>

"Devices that had their AirDrop setting set to receive files from
'Everyone' were mostly at risk. Turning off Bluetooth would effectively
prevent the attack, but Bagaria said that the file accept box is so
persistent it's near impossible to turn off Bluetooth when an attack is
under way."

"The only other way to stop an attack? 'Simply run away,' he said. Once a
user is out of wireless range of the attacker, they can turn off Bluetooth.
'I'm not sure how well this'd work in an airplane,' he joked."

--
Bringing facts & truth to the Apple newsgroups, one fact at a time.
0 new messages