A year ago, swedish programmer Roman Digerberg received worldwide recognition when he discovered a vulnerability in IOS. The vulnerability made it possible for him to send self-assembled push notifications that were impossible to remove, he was also able to manipulate the count of missed calls or unread text messages. The vulnerability was present in IOS 6 and IOS 7 and is still not fixed in IOS 8, although Digerberg reported it to Apple a year ago.
The new vulnerability is even more serious. With a specially written sms, Digerberg can force devices with IOS 8 to restart the system.
Imagine the following scenario: you are sitting in an important conversation that suddenly breaks for no apparent reason. Or writing a text, reading the news or listening to Spotify. You notice that your phone restarts but you have no clue why. Then it happens again. And again. Your Iphone is impossible to use more than a few seconds at a time.
Roman Digerberg demonstrates how it works onTechWorld news editor Daniel Åhlins Iphone. With the help of a program that Roman created he sends multiple messages with a small time delay, and forces Daniels Iphone to crash over and over again.
TechWorld news editor is scrolling around on Spotify when his phone suddenly restarts. Roman Digerberg demonstrates this several times, in different situations.
Digerberg says he discovered the vulnerability by chance.
- I had received an inquiry from a company to write a simple notification app that sends sms alerts to the employees. When I tried to run the half-finished code it caused the phone to restart again and again. I knew immediately that I had found a new vulnerability in IOS, because the message arrived correctly on Android phones.
How does it work?
- After some research I came to the conclusion that a special algorithm charset restarts Iphones with IOS 8. It only works on devices with IOS 8. If you have a previous version nothing happens with the phone.
Roman Digerberg says that he immediately contacted Apple, a company not famous for directly recognizing vulnerabilities in their systems or to listen to external security experts.
- At first, the representative from Apple thought I was joking, and said that this was impossible. It was not until I sent the article on the last bug I found that he took the call seriously. Now, Apple has contacted me and they want full bug report and hex-dump, and even evidence in the form of video, which they received.
It remains to see how quickly Apple addresses this very serious vulnerability, if they do it ...