Yoodley is reader-supported. When you buy through links on our site, we may earn an affiliate commission.
A security researcher performed an experiment targeting iPhone users during the 2023 DEF CON. According to attendees who experienced the “#DEFCON shenanigans” over the weekend, they received prompt popups related to connecting to an Apple TV (and also an Apple keyboard) or sharing their password to the device despite turning off their Bluetooth from their iPhone Control Center. (via Tech Crunch)
After several conference participants shared the experience online, a Mastodon user named Jae Bochs then admitted being the brain behind the act.
“Since we’re starting to wind down, I’ll come clean: it me,” Bochs posted. “Also to offer some reassurance: this was built with two purposes – to remind people to *really shut off* Bluetooth (I.e. not from control center) and to have a laugh.”
The researcher also stressed that the experiment meant no harm and no data was gathered.
“There’s no data collected, it’s just sending out BLE advertisement packets that don’t require pairing (and as such aren’t stopped by the control center toggle),” Bochs added. “For what it’s worth, there are about 15 possible pop ups. The best ones (IMO) are: ‘transfer your phone number,’ ‘your os is too old for this accessory, click to update’ and ‘adjust your color balance’ (again, none of them will actually do anything).”
As Tech Crunch underlined in its report, those who encountered the act at the hacking and cybersecurity conference commonly didn’t use Apple’s Lockdown Mode. The feature is an optional extreme mode designed to stop sophisticated digital threats. Using it, the device’s functions will be limited, with some experiences not being available for use.
Bochs shared a plan to submit a talk involving the act. “Hoping by next DC to have it working with the new iOS17 ‘NameDrop’ features, and potentially do something similar for android (at least certain models),” the researcher wrote. “Either way I’ll probably submit it for a talk.”
In the end, the experiment seemed to have a significant effect on others, with some Mastodon users in the conversation started asking about how to properly disable their devices’ Bluetooth. And as others noted and reiterated, turning the Bluetooth permanently only works using the Settings app. To recall, Apple made a change in iOS 11 update, making the Bluetooth icon in the Control Center a temporary solution for disabling the function. This means using the option will only put the Bluetooth on time out, allowing it to activate automatically the next morning.