iOS WiFi Bug Allows Remote Reboot of All Devices In Area
New submitter BronsCon writes: A recently disclosed flaw in iOS 8 dubbed "No iOS Zone" allows an attacker to create a WiFi hot spot that will cause iOS devices to become unstable, crash, and reboot, even when in offline mode. Adi Sharabani and Yair Amit of Skycure are working with Apple for a fix; but, for now, the only workaround is to simply not be in range of such a malicious network.
From what I got from the pdf of their presentation, as long as you are in range of the attacker's network, you won't be able to switch to offline mode before iOS crashes and reboots. You'll have to physically move out of range of the network before you go into offline mode. Of course, if you are in offline mode to begin with when you are in range of the attacker's network, you won't be affected until you turn on your wifi.
It's not that a phone that's offline is still vulnerable to wifi; it's that once this attack (which is carefully designed to get this result) hits you can't get enough control to go offline. The summary's got an inaccurate paraphrase, but TFA's phrasing isn't immediately clear. The researcher's blog has a better description.
I was curious as well, so I read through their presentation slides and their press release.
The gist of the attack is that they've crafted a malicious SSL cert that can cause strange behavior in apps and the OS itself, including the possibility of initiating a crash-reboot-get malicious SSL cert-crash cycle. Once you get stuck in that cycle, there's no way to turn off WiFi, hence why they said that offline mode would not remedy the issue. That said, offline mode can indeed keep you from getting stuck in that cycle to begin with, and the researchers even recommended it as one of the ways to avoid the problem entirely. Alternatively, if it's already too late for you and you're in the crash loop, simply leaving the area will fix the issue for you, since you'll be able to pull down valid SSL certs and reboot as normal.
Which is to say, the summary has it wrong, since the attack cannot cause you to enter the crash loop while you're in offline mode, but you won't be able to enter offline mode once you're in the crash loop, so offline mode cannot save you at that point. Only leaving the area will work.
It's my first accepted submission (to be fair, my first legitimate submission); I've been here for a while.
OH! I get it! You were playing on stereotypes!
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
Even in "offline mode"? iPhone doesn't have an offline mode but an airplane mode, and the story is 100% bullshit if he is claiming it can do this to a phone that is in airplane mode.
That's not what they are saying... IF you have the phone in Airplane mode, you will have no problem. HOWEVER, if you don't and your phone tries to connect to the rogue AP then it crashes and reboots. At that point you are sunk because when your phone boots and it wasn't previously in Airplane mode, it will connect to the rogue AP and crash before you can get the phone into Airplane mode to stop the cycle.
So if your WiFi is actually turned off, nothing will happen. The problem is that once you get into this cycle, you cannot turn off the WiFi before the phone crashes and boots again. The only way to recover is to get out of range of the rogue AP so you can stop the crash, boot, crash cycle.
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
How did it take you that long to read the handful of comments that existed at the time?
because it couldn't make more clear how (as per /. etiquette, of course, I know) directly jumping to the comment section is your usual MO, when in reality, the occasional guy who actually does spend a few minutes on reading TFA is not unheard of. :).
Besides, it's also very possible that the poster just reads /. the way I do, which is skimming the front page for stories of potential interest (I know, I know), opening them in background tabs, and only /then/ going through the opened stories, eh, comment sections, one by one. So there's quite a delay between clicking on a story (causing comments to be loaded), and actually looking at it for the first time.
Therefore it could have been a funny and subtle troll as well; thanks for ruling out that possibility
CLI paste? paste.pr0.tips!