iOS 1970 Bug Is Back, Can Be Exploited Via Rogue WiFi Networks

An anonymous reader writes: Back in February iOS users noted that setting your phone/tablet's date to January 1, 1970 would permanently brick their devices. After Apple fixed the issue in iOS 9.3.1, two security researchers have now uploaded a video on YouTube showing how to exploit this bug from a remote location, with no access to the user's phone. The setup involves attackers putting up a Wi-Fi network on which they're running a rogue NTP server. This server tells iOS devices syncing their time that it's December 31, 1969, 23:59:00. Twenty minutes later, if the battery didn't catch fire (which is possible with this new exploit), the iPad or iPhone device is permanently and irreversibly bricked.

Bad Summary?

[blazer1024]

So the summary (and the headline) seem to imply that this bug affects even devices with iOS 9.3.1, but the article actually states:

If the device was running an iOS version vulnerable to the 1970 bug, after a minute, the device would reach the problematic crash date.

...

Kelley and Harrigan recommend that users update as soon as possible to iOS 9.3.1.

This is actually just a remote way to exploit this bug, and not a new bug as the summary suggests.

It was fixed...

[pushing-robot]

If it wasn't clear, the bug was fixed in 9.3.1 - this only affects devices that haven't been updated.

Also, I think the highest temperature recorded was 54C... not something you'd want to touch, but not likely to catch fire either.

Finallly, if it's like the previous exploit, the device isn't completely bricked... when the battery goes dead or is disconnected the device can be reset.

Re:Apple genuii

[pushing-robot]

No, fire the summary writer.

The bug was fixed, this is just a practical way of exploiting devices running the affected versions.

Also, there have been no battery fires, but aluminum feels pretty hot when it gets to 50C and people assumed their phones must be OMG about to CATCH FIRE!!11!!eleven