Due to the complexity of platforms like iOS, which needs to manage the features of the software and the hardware, we imagine that there are probably some security flaws that the team at Apple might have missed, which is why every now and then, we come across a story that reports on one of these flaws.
The most recent comes from Ian Beer, a member of Google’s Project Zero team in which he has published a blog post where he details an iOS exploit. This security flaw, if exploited, would have allowed a hacker to gain remote access to an iPhone’s photos, messages, and more, all without the user knowing about it.
According to Beer, this is due to a vulnerability in a component called AWDL which is used to help facilitate P2P communication between iOS devices, like AirDrop. By taking advantage of this flaw, Beer claims that he is capable of gaining access to any nearby iPhone’s memory in just seconds. This means that in the wrong hands, walking around in public could mean that your information can easily be stolen and you wouldn’t even know about it.
The good news is that Beer claims that he has not found any evidence of this exploit being used in public, so for now users are “safe”. He has also asked to work with Apple to help patch the problem and will donate any money he makes through Apple’s Bug Bounty Program to charity.