WiFi security hack exploits the January 1st, 1970 iOS bug

— WiFi security hack exploits the January 1st, 1970 iOS bug —

An iOS bug can cause iPhones and iPads and iPods to essentially self-destruct under certain conditions. Contrary to some of the more sensational headlines (This iOS date trick will brick any device from 9 to 5 Mac, and Setting the date to 1 January 1970 will brick your iPhone, iPad or iPod touch from The Guardian), this problem only applies to 64-bit iPhones, iPads, and iPods running iOS 8.0 through 9.3. That means iPhone 5s or newer, the iPad Air, the iPad mini 2, or the sixth-generation iPod touch. The bug kicks in when the date on the device is set to January 1st, 1970; my best guess is that dates and times are stored as some number of “seconds since midnight, January 1st, 1970” and that would make 1/1/1970 zero. And that apparently causes some issue within the operating system, causing the processor to run constantly as it tries to do some calculation that it can’t do with a zero value for the date. Eventually the device overheats and dies.

Previously, it was thought that this bug could only be triggered manually, so there was not a lot of worry about it. But, recent research shows that an incorrect date and time value can be sent to an iPhone or iPad or iPod over WiFi, so if an iOS device of the proper vintage can be made to connect to a WiFi network maliciously set to send the wrong time, the 1/1/1970 date could be obtained automatically. The details are contained in an informative article at Krebs on Security.

This exploit works because iOS connects to time servers periodically in order to always know the proper time and date. The servers are at time.apple.com, and the connections are automatic. As long as you have a network connection, your iOS device is checking with time.apple.com to get the time. So, all the bad guys have to do is get you to join their bad network. How do they do that? Easily, that’s how. Remember: your iPhone and iPad and iPod touch will automatically connect to any network that they have connected to before. So, if the bad guys can guess the name of a network that you might have connected to before, especially if it’s one that didn’t require a password (such as “attwifi”), they know that your device will connect to it automatically when you come within range. Then, with you connected to the bad guys’ network, they push the 1/1/1970 date to you by “spoofing” the time.apple.com server. That is, they set up a server with the time.apple.com name, but they send the wrong date. And now your device, if it’s on iOS 8.0 through 9.3, and if it’s a 64-bit device– that is, reasonably new– it will be toast.

Solution: if your device is on iOS 8.0 through 9.3, get the 9.3.1 update (use the software update mechanism on the device: Settings/General/Software Update). If you’re not sure whether your device is susceptible to this exploit have a look at Wikipedia’s page of iOS device and their specs.

And never, never, try setting the date on your iPhone or iPad or iPod touch to 1/1/1970 “just to see what happens.” It won’t end up well. You MAY be able to recover from this but it’s not going to be easy.

by


Leave a Reply

Your email address will not be published.