iPhone zero-click Wi-Fi exploit: One of the most breathtaking hacks

  • Thread starter: jedishrfu
  • Tags: Iphone

Discussion Overview

The discussion centers around a recently patched iPhone vulnerability that allowed for remote access to devices via a Wi-Fi exploit, requiring no user interaction. Participants explore the implications of this exploit, its technical details, and the sensationalist nature of its presentation in media.

Discussion Character

  • Exploratory
  • Technical explanation
  • Debate/contested

Main Points Raised

  • Some participants highlight the severity of the vulnerability, describing it as a "memory corruption bug" that allowed attackers to gain full access to the device remotely.
  • Others question the sensationalism of the headline used in the article, suggesting that it may not accurately reflect the technical details of the exploit.
  • A participant references a demonstration where an attacker exploits an iPhone 11 Pro from a different room, detailing the method of exploiting the AWDL interface and the implications for user privacy.
  • There is mention of the potential for the exploit to be optimized for faster delivery of the implant, indicating ongoing concerns about the exploit's capabilities.

Areas of Agreement / Disagreement

Participants express differing views on the sensationalism of the exploit's presentation, with some defending the headline as appropriate given the exploit's nature, while others criticize it as exaggerated. The technical details of the exploit are discussed, but no consensus is reached on the framing of the issue.

Contextual Notes

Participants do not fully agree on the implications of the exploit, and there are unresolved questions regarding the technical feasibility of optimizing the exploit further.

TL;DR
Before Apple patch, Wi-Fi packets could steal photos. No interaction needed. Over the air.
https://arstechnica.com/gadgets/202...t-is-one-of-the-most-breathtaking-hacks-ever/

Earlier this year, Apple patched one of the most breathtaking iPhone vulnerabilities ever: a memory corruption bug in the iOS kernel that gave attackers remote access to the entire device—over Wi-Fi, with no user interaction required at all. Oh, and exploits were wormable—meaning radio-proximity exploits could spread from one nearby device to another, once again, with no user interaction needed.

This Wi-Fi packet of death exploit was devised by Ian Beer, a researcher at Project Zero, Google’s vulnerability research arm. In a 30,000-word post published on Tuesday afternoon, Beer described the vulnerability and the proof-of-concept exploit he spent six months developing single-handedly. Almost immediately, fellow security researchers took notice.
 
Why repeat the sensationalist headline?
 
Ask not why but why not.
 
pbuk said:
Why repeat the sensationalist headline?
As @jedishrfu said, "ask . . . why not" - it seems sensational enough - from the cited 30,000-word post:
Ian Beer said:

This demo shows the attacker successfully exploiting a victim iPhone 11 Pro device located in a different room through a closed door. The victim is using the Youtube app. The attacker forces the AWDL interface to activate then successfully exploits the AWDL buffer overflow to gain access to the device and run an implant as root. The implant has full access to the user's personal data, including emails, photos, messages, keychain and so on. The attacker demonstrates this by stealing the most recently taken photo. Delivery of the implant takes around two minutes, but with more engineering investment there's no reason this prototype couldn't be optimized to deliver the implant in a handful of seconds.
 