Researchers at the RSA Conference this week disclosed an interesting iOS hack that would allow an attacker to put an iPhone into an endless reboot loop with no way for the user to get out of it.
The attacker would need to set up a bogus WiFi hotspot near the target iPhone. This hotspot can even force the iPhone to connect to it. It then sends the iPhone bogus SSL certificates, which force it into an endless reboot loop. The user cannot even power off the phone, since no cell phone really has a power switch anymore, merely a button that tells the software that it should power the phone off. But since the phone is busy endlessly rebooting, it will ignore that request.
I think, but the article does not say, that if you leave the radius of the hotspot you should be able to regain control of your phone.
An interesting attack would be to deploy some of these hotspots, which could easily be hidden in a briefcase, at an airport or other public venue. Each one would disable all iPhones within a radius of a couple hundred yards, and with several of them strategically located, the range could be quite large.
The researchers have told Apple about the problem, but as yet there is no comment from Apple, never mind a fix.