No iOS Zone attackers remotely crash iPhones within in wi-fi rang

 

Photo

Photo (c) dolphfyn - Fotolia

(Jennifer Abel @ ConsumerAffairs) Another day brings another way hackers can wreak havoc on your life, this time for owners of Apple devices: securityresearchers from Skycure have discovered a vulnerability they call the “No iOS Zone,” which effectively lets attackers crash any mobile iOS device connected to a wi-fi hotspot.

Actually, it's even worse that: You don't have to actively connect your device to a hotspot in order to be at risk. No iOS Zone lets attackers crash your device if you are so much as in range of a hotspot, unless you've completely turned off the device (or at least its wi-fi).

Yet in a way this is not entirely surprising — and Apple devices aren't the only ones at risk from public wi-fi.

Last summer, for example, Ars Technica tried a little experiment and discovered that millions of customers of both Comcast and AT&T were at risk of letting hackers surreptitiously get into their devices' Internet traffic and steal all sorts of personal data, because those two companies' hotspots proved particularly easy for hackers to “spoof” (which is hackerspeak for “impersonate”).

Simple explanation

Here's a very oversimplified explanation of why: Unless you specifically turn off that feature, or your device itself, your smartphone, tablet or other connectable device is always looking to connect with a familiar network.

Let's say you visited Starbucks to take advantage of their free w-fi. Now, every time you go there your phone automatically sends out a signal, basically saying “Hey, Starbucks w-fi, where are you?” and waiting for the electronic response “Here I am! Starbucks wi-fi, now connecting with you.”

But it's very easy for anyone to set up a wireless hotspot to respond under a false name: “Here I am, Starbucks wi-fi! Actually I'm a hacker up to no good, but I said my name is 'Starbucks w-fi' so I can connect with you.”

To guard against that particular danger, you must shut off the wi-fi connections on your mobile devices when you're not using them, and set each device so that it must ask before joining a mobile network.

Endless reboot

The “No iOS Zone” vulnerability is similar, except instead of letting hackers use wi-fi hotspots to spy on various iDevices, it “only” gives hackers the ability to make those devices crash and go into an endless reboot loop. And once that happens, you can't turn off your wi-fi connection and regain control since, of course, your device has to be booted up before you can change its wi-fi settings or do anything else with it.

The Skycure researchers presented their findings (available here in .pdf form) at today's RSA Conference (an annual cryptography and information-security conference held in San Francisco).

The researchers named this vulnerability the “No iOS Zone” because once attackers set up a malicious wi-fi network, any iOS mobile device within range of it would connect, get stuck in an endless reboot loop and thus be rendered useless, resulting in a literal no-iOS zone.

Skycure's presentation also offered a list of “potential areas that may be attractive for attackers,” which includes “political events, economical & business events, Wall Street [and] governmental and military facilities.”

Apple is currently working with Skycure to develop a fix for this problem. Meanwhile, iOwners should keep their wi-fi turned off unless and until they actually plan to use it, and be extra-wary of any public wi-fi hotspot – which, come to think of it, is good advice regarding any mobile device, regardless of who manufactured it.