Slashdot Mirror

← Back to Stories (view on slashdot.org)

iOS 1970 Bug Is Back, Can Be Exploited Via Rogue WiFi Networks (softpedia.com)

Posted by msmash on from the weird-bugs-strange-exploits dept.

An anonymous reader writes: Back in February iOS users noted that setting your phone/tablet's date to January 1, 1970 would permanently brick their devices. After Apple fixed the issue in iOS 9.3.1, two security researchers have now uploaded a video on YouTube showing how to exploit this bug from a remote location, with no access to the user's phone. The setup involves attackers putting up a Wi-Fi network on which they're running a rogue NTP server. This server tells iOS devices syncing their time that it's December 31, 1969, 23:59:00. Twenty minutes later, if the battery didn't catch fire (which is possible with this new exploit), the iPad or iPhone device is permanently and irreversibly bricked.

3 of 106 comments (clear)

  1. It was fixed... by pushing-robot · · Score: 5, Informative

    If it wasn't clear, the bug was fixed in 9.3.1 - this only affects devices that haven't been updated.

    Also, I think the highest temperature recorded was 54C... not something you'd want to touch, but not likely to catch fire either.

    Finallly, if it's like the previous exploit, the device isn't completely bricked... when the battery goes dead or is disconnected the device can be reset.

    --
    How can I believe you when you tell me what I don't want to hear?
  2. Re:Apple genuii by pushing-robot · · Score: 5, Informative

    No, fire the summary writer.

    The bug was fixed, this is just a practical way of exploiting devices running the affected versions.

    Also, there have been no battery fires, but aluminum feels pretty hot when it gets to 50C and people assumed their phones must be OMG about to CATCH FIRE!!11!!eleven

    --
    How can I believe you when you tell me what I don't want to hear?
  3. Re:Apple genuii by tlhIngan · · Score: 3, Informative

    This is true. Also WHY is the ipad following NTP if the slew rate is greater than 500ppm? The NTP RFC's clearly states that this is the maximum you should adjust the clock via the protocol(s).

    NTP has two modes.

    First is to keep clocks in sync, so if you have a network of devices, the clocks can tick pretty much together. This is what you use NTPd for - to keep clocks on a network in sync.

    The other use is to set the clock, which uses the same protocol, except we call it "daytime protocol" because they do an NTP query to get the current date/time to set it. In Linux, you use "ntpdate" to set the clock initially since NTPd will refuse to run if the system clock and server clock are too far apart. So you use ntpdate to get the clock close enough.

    Most devices when you set "Automatically set date/time" use daytime to set the clocks. It's only stuff like the Apple watch (which is used to keep time) that generally wants to keep time in sync.