This article was published on April 13, 2016

‘Evil’ Wi-Fi networks could remotely brick your iPhone or iPad


‘Evil’ Wi-Fi networks could remotely brick your iPhone or iPad

Apple already fixed a bug related to its previous ‘1970’ problem, which allowed people to render their devices useless if the clock and date were set to a specific point in time, but your phone remains vulnerable unless you have the most recent firmware.

Admittedly, this might feel a little like deja-vu as Apple already rolled out a previous fix to stop people from deliberately bricking the iPhones but this issue is a little different, according to Krebs on Security.

According to security researchers Patrick Kelly and Matt Harrigan, a weakness in the way that Apple devices continually check Network Time Protocol servers leaves a maliciously configured Wi-Fi network able to brick a device.

You might be thinking, “well, duh, why would I connect to a malicious Wi-Fi network? This isn’t my problem” but you’d be wrong.

phonebreaker
Credit: Harrigan/Kelley/Krebs

Due to the way devices auto-reconnect to any Wi-Fi networks that share the same name, you wouldn’t even know when it’s happening, until it’s too late, Krebs explained.

“For example, to use Starbuck’s free Wi-Fi service, you’ll have to connect to a network called “attwifi”. But once you’ve done that, you won’t ever have to manually connect to a network called “attwifi” ever again. The next time you visit a Starbucks, just pull out your iPad and the device automagically connects.

From an attacker’s perspective, this is a golden opportunity. Why? He only needs to advertise a fake open network called “attwifi” at a spot where large numbers of computer users are known to congregate. Using specialized hardware to amplify his Wi-Fi signal, he can force many users to connect to his (evil) “attwifi” hotspot. From there, he can attempt to inspect, modify or redirect any network traffic for any iPads or other devices that unwittingly connect to his evil network.”

Once connected to the nefarious network, the device is then configured to draw its NTP updates from a compromised server, which sets the time and date as January 1, 1970. You should have a pretty good idea of what happens next.

“The iPads that were brought within range of the test (evil) network rebooted, and began to slowly self-destruct. It’s not clear why they do this, but here’s one possible explanation: Most applications on an iPad are configured to use security certificates that encrypt data transmitted to and from the user’s device. Those encryption certificates stop working correctly if the system time and date on the user’s mobile is set to a year that predates the certificate’s issuance.”

Thankfully, there’s an easy way to avoid the problem – just update your iOS build to version 9.3.1 or newer. Until you do that, you do remain at risk of someone else remotely bricking your device, however unlikely it feels.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with