All eyes are on iOS 17.1 to fix a raft of iPhone issues, from the overheating problems that made iPhones almost too hot to touch (early reports are positive here), that odd screen burn-in problem that wasn’t burn-in (yes, that one seems fixed), to the more obscure nighttime rebooting bug (jury is out on this one). But there’s one bug that I’ve been asked about more than any other.
Can you still crash an iPhone with a Flipper Zero?
The image above might leave the impression that the Flipper Zero needs to be placed right beside the iPhone in order to crash it. But it doesn’t. While taking this photo I also inadvertently crashed my iPad Pro that was in another room.
In fact, I’ve tested the range of this attack and I find that it is effective out to a radius of 20 to 30 feet, depending on how open the space is.
And if you take a modern office space, coffee shop, train station, or airport, you can get a lot of iPhones in that small space.
It takes about three minutes for a BLE Spam lockup crash Flipper Zero attack — which requires third-party software to be loaded onto the Flipper Zero — to reboot an iPhone. Before that three-minute mark, however, the handset can become unresponsive to touch inputs and other Bluetooth devices connected to the iPhone can be forced to disconnect and reconnect.
It’s important to note that while the Flipper Zero doesn’t drop malware onto the iPhone or cause any sort of permanent damage, this is a frustrating DoS (denial of service) attack that can cause a user great distress or make them think their iPhone is defective.
What’s your defense? The only defense I can offer is this: If you notice your iPhone doing something strange, disable Bluetooth — which you can do one of two ways. One, go into the Control Center and disable it there. (With this method Bluetooth only stays off until the next day. ) Or, go into Settings > Bluetooth and flip the toggle there. Then restart the device, because my testing suggests that iPhones get a little flaky after this and benefit from a reboot.