An iOS 15 bug could wipe your iPhone remotely, bounty hunter claims
Apple has been getting ready to release its most recent software update over the last while, namely iOS 15.1. The fourth and latest beta was released to developers yesterday (and to public testers today), and the official public launch is sure to be imminent—although we still haven't been given an exact date by Apple.
There has been a lot of excitement over the past while concerning iOS 15's upcoming patch, and it isn't the good kind. Namely, users and developers seem to be encountering all kinds of bugs with iOS 15, and they don't seem to have all been addressed by the company.
Best Regards,
These include not being able to unlock your iPhone using your Apple Watch when wearing a mask, even though that is a specific advertised feature. Other bugs include unresponsive screens after unlocking the iPhone, crashes of native apps, and issues with getting the camera viewfinder finder to work.
While the second iOS beta addressed the annoying Apple Watch unlocking problem, there is a more recent, and decidedly more alarming bug, which seems to have recently reared its ugly head.
iPhone remote wipe bug on iOS 15
A Twitter user going by the hashtag @RobertCFO has announced on the social media platform that he has encountered a worrying vulnerability, which enables anyone to "use a high-level proximity Bluetooth LE exploit" to wipe clean any device running iOS 15 (or iPadOS 15, for that matter, it seems), without physically touching any devices.
Essentially, as Robert puts it, you could ride a bike around the city, wiping everyone's iPhones as you go.
While the bug hunter screenshotted an e-mail of an alleged exchange he had with Apple concerning the remote wipe bug, he hasn't provided evidence of a remote wipe process actually taking place—he says he will do so later.
The alleged e-mail also states iOS 15.1 is coming on October 25
Robert's alleged e-mail exchange with Apple shows highly confidential information, particularly about the release date of iOS 15.1—which is shown as October 25. Here is the publicized e-mail from Apple:
Hello,
Please treat the following information as confidential.
Thank you for your patience whilst we worked to address this issue, I can confirm this issue is resolved in iOS 15.1 and we will schedule a software release starting the week commencing Monday 25th October. To avoid placing our customers at risk, we would appreciate you not disclosing this information until the necessary updates are available. Furthermore we will be keeping this case open so we can finish evaluating a payment to you for providing us with this information.
Anthony
Apple Products Security
Now, whether or not the allegations of such a potentially dangerous vulnerability in the latest iPhone operating system are true, is not yet certain. Apple has already responded to the claims in a report by AppleInsider, saying that "they have no record of any interaction between the alleged researcher and an Apple Security Bounty team member."
Apple further shared that they would never reveal security dates in such a manner, pointing to Robert's "revelation" being a rather fishy ordeal. And we tend to agree with them, as the company has always been secretive when it comes to release dates in general.
It's possible that the remote wipe bug "discoverer" is simply seeking internet clout, but judging by past times when Apple has ignored serious security flaws, we're also going to leave room for a grain of salt, and discussion. Do let us know what you think in the comments below, and we'll also post an update as soon as anything more is known about the subject.
Things that are NOT allowed: