London Daily

Focus on the big picture.
Thursday, Jul 02, 2026

Google engineer demonstrate how he could get full control and copy all data from 25 iPhones without touching them

iPhone security? Hmmm... In this demo I remotely trigger an unauthenticated kernel memory corruption vulnerability which causes all iOS devices in radio-proximity to reboot, with no user interaction. Over the next 30'000 words I'll cover the entire process to go from this basic demo to successfully exploiting this vulnerability in order to run arbitrary code on any nearby iOS device and steal all the user data

One of the geniuses working for Google on Project Zero wrote on his blogpost and on his YouTube videos:

Introduction
Quoting @halvarflake's Offensivecon keynote from February 2020:

"Exploits are the closest thing to "magic spells" we experience in the real world: Construct the right incantation, gain remote control over device."

For 6 months of 2020, while locked down in the corner of my bedroom surrounded by my lovely, screaming children, I've been working on a magic spell of my own. No, sadly not an incantation to convince the kids to sleep in until 9am every morning, but instead a wormable radio-proximity exploit which allows me to gain complete control over any iPhone in my vicinity. View all the photos, read all the email, copy all the private messages and monitor everything which happens on there in real-time.

The takeaway from this project should not be: no one will spend six months of their life just to hack my phone, I'm fine.

Instead, it should be: one person, working alone in their bedroom, was able to build a capability which would allow them to seriously compromise iPhone users they'd come into close contact with.

Imagine the sense of power an attacker with such a capability must feel. As we all pour more and more of our souls into these devices, an attacker can gain a treasure trove of information on an unsuspecting target.

What's more, with directional antennas, higher transmission powers and sensitive receivers the range of such attacks can be considerable.

I have no evidence that these issues were exploited in the wild; I found them myself through manual reverse engineering. But we do know that exploit vendors seemed to take notice of these fixes. For example, take this tweet from Mark Dowd, the co-founder of Azimuth Security, an Australian "market-leading information security business":

Watch the videos and read his full post here.

Newsletter

Related Articles

0:00
0:00
Close
UK Government Confirms Rejected Asylum Seekers to Remain Amid Enforcement Challenges
UK-China Economic Talks Focus on Services Trade and High-Value Sectors
Buckingham Palace Revamp Plans Unveiled to Modernise Royal and Public Facilities
Two Dead After Light Aircraft Crash in Essex Field, Investigation Underway
Princess Diana Marked at 65 With UK Tributes Reflecting on Her Public Legacy
England Teachers Face New Pay Cap Rules for Academy School Leaders Under Education Reform
Dublin Security Alert Escalates After Stabbing and Reports of Transport Disruption
UK Government Faces Scrutiny Over £10,000 Asylum Living Cost Contribution Requirement
England Prepares World Cup Knockout Match Against Democratic Republic of Congo
Northern Rail Project Warned of HS2-Style Cost Risks by UK Parliamentary Committee
UK Tightens Asylum Rules as Most Rejected Applicants Expected to Remain in Country
UK Heat Health Alert Issued as Temperatures Expected to Exceed 30°C Across England
Halifax Brand to Disappear From UK High Streets in Lloyds Banking Group Restructuring
England Teachers Receive 6.6 Percent Pay Rise Over Two Years as Schools Warn of Budget Strain
UK Defence Spending Plan Sparks Budget Clash as Regional Infrastructure Projects Face Pressure
Inquest Continues in Northern Ireland into Death of Noah Donohoe in Belfast
UK Travel Industry Calls for Suspension of New EU Border System During Peak Holiday Season
Telegraph Media Group Acquired by German Media Firm in £575 Million Deal Completion
House of Commons Warns Northern Rail Upgrade Risks Repeating High-Speed 2 Cost Overruns
UK Transport Unions Warn of Summer Strike Action Over Pay Disputes
UK Health Secretary Calls Maternity Care Review a “Watershed Moment” for NHS Reform
Nigel Farage Faces Questions Over £270,000 Payment Linked to Gold Marketing Firm
Labour Government Faces Internal Division Over North Sea Oil and Gas Policy Direction
National Screening Committee Invites New Proposals for UK Health Screening Programmes
UK and China Hold Industrial Strategy Talks on Trade and Export Growth Opportunities
UK Defence Funding Gap Widens as £4.7 Billion Shortfall Puts Pressure on Spending Priorities
United Kingdom Faces Historic Demographic Shift as Deaths Forecast to Exceed Births in England and Wales
United Kingdom Introduces Major Motability Scheme Reforms Targeting £1 Billion in Long-Term Savings
Global Billionaire Numbers Rise 13 Percent Amid Artificial Intelligence Stock Boom
Body of Fifteen-Year-Old Boy Recovered from Manchester Reservoir
Major Rail Disruption in UK After Cows Stray Onto Intercity Tracks
UK Launches National Campaign to Reduce Water Consumption After Heatwave
Foreign Secretary David Lammy Raises Case of UK Woman Death with US Authorities
Shetland Islands Council Approves Subsea Tunnel Plans Linking Major Islands
Telegraph Media Group Takeover by German-Led Consortium Completed
Resident Doctors in England Accept Government Pay and Conditions Deal
Andy Burnham Sets Out Ten-Year Economic Vision Amid Labour Leadership Debate
Asylum Seekers in UK Face £10,000 Contribution Requirement Under New Law
UK Government Moves to Break Apple and Google App Store Dominance
New UK Steel Tariffs and Import Quotas Aim to Shield Domestic Industry
Damning Report Exposes Failures in Maternity and Neonatal Care Across England
Government Data Reveals Five Billion Pound Shortfall in UK Defence Budget
Prime Minister Keir Starmer Unveils Three Hundred Billion Pound Defence Investment Plan
UK Crime and Policing Act 2026 Comes into Force with New Justice System Reforms
UK Prime Minister Hosts NATO Secretary General Mark Rutte for Security Talks at Downing Street
UK Tightens Oversight of Emissions Trading Scheme Through New Ministerial Directions
UK Issues Statement at UN Security Council on Violence in the West Bank
UK Environment Agency Clears Illegal Waste Site in West Yorkshire After Court Action
UK Resident Sentenced for Fraudulently Claiming £30,000 in Covid Business Loans
UK Launches Taskforce to Help Young People Claim Dormant Child Trust Fund Savings
×