Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/todb/statuses/113022899458745713">Tod Beardsley 🤘 (todb@infosec.exchange)'s status on Sunday, 25-Aug-2024 22:29:44 JST</a><a href="https://infosec.exchange/@todb" title="todb@infosec.exchange"><img src="https://gnusocial.jp/avatar/29830-48-20231107042700.webp" width="48" height="48" alt="Tod Beardsley 🤘" style="position: absolute; left: 0; top: 0;">Tod Beardsley 🤘</a><div><a href="https://infosec.exchange/@patrickcmiller/113022358041112039" rel="in-reply-to">in reply to</a><ul><li></ul></div></section><article><p><a href="https://infosec.exchange/@patrickcmiller">@patrickcmiller</a> I disagree, this is a denial of service security issue.</p><p>Here’s how the attack works:</p><p>1) Tell a security nerd that typing “”:: in certain search dialogs on <a href="https://infosec.exchange/tags/Apple" rel="tag">#Apple</a> iOS causes a crash in Springboard. </p><p>2) That nerd will be then be unable to perform any function other than crashing their own iPhone’s Springboard for at least the next 20-30 seconds, regardless of what they were doing before. </p><p>3) In some cases, that nerd will also tell other nerds about it, spreading the DOS effect through their personal social network.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/3567053#notice-7000310">In conversation</a><time datetime="2024-08-25T22:29:44+09:00" title="Sunday, 25-Aug-2024 22:29:44 JST">about 3 months ago</time> <span>from <span><a href="https://infosec.exchange/@todb/113022899458745713" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@todb/113022899458745713">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Tod Beardsley 🤘 (todb@infosec.exchange)'s status on Sunday, 25-Aug-2024 22:29:44 JSTTod Beardsley 🤘
in reply to
- Patrick C Miller :donor:
@patrickcmiller I disagree, this is a denial of service security issue.
Here’s how the attack works:
1) Tell a security nerd that typing “”:: in certain search dialogs on #Apple iOS causes a crash in Springboard.
2) That nerd will be then be unable to perform any function other than crashing their own iPhone’s Springboard for at least the next 20-30 seconds, regardless of what they were doing before.
3) In some cases, that nerd will also tell other nerds about it, spreading the DOS effect through their personal social network.
In conversationabout 3 months ago from infosec.exchangepermalink

Public

Embed Notice

HTML Code

Corresponding Notice