Evil Wi-Fi kills iPhones, iPods in range – 'No iOS Zone' SSL bug revealed

[triptolemus]

RSA 2015 A vulnerability in iOS 8 can be exploited by malicious wireless hotspots to repeatedly crash and reboot nearby Apple iPhones, iPads and iPods, security researchers claim.

Skycure bods Adi Sharabani and Yair Amit say the attack, dubbed "No iOS Zone", will render vulnerable iOS things within range unstable – or even entirely unusable by triggering constant reboots.

“Anyone can take any router and create a Wi-Fi hotspot that forces you to connect to their network, and then manipulate the traffic to cause apps and the operating system to crash,” Sharabani told the RSA security conference in San Francisco today.

“There is nothing you can do about it other than physically running away from the attackers. This is not a denial-of-service where you can't use your Wi-Fi – this is a denial-of-service so you can't use your device even in offline mode.”

http://www.theregister.co.uk/2015/04/22/apple_no_ios_zone_bug/

 

[FatPuppy]

There is a simple fix for this problem and I am not sarcastic at all: don't use public wi-fi connections.

 

[I7guy]

I have wifi turned off except when in the house; other times I'm always on cellular data.

 

[Jessica Lares]

Yep, I only stick to cellular or my own home wifi too.

 

[ardchoille50]

There is a simple fix for this problem and I am not sarcastic at all: don't use public wi-fi connections.

Exactly. There are many reasons to avoid using public wifi networks, this is one of them.

 

[adamhenry]

I have wifi turned off except when in the house; other times I'm always on cellular data.

That is what I do as well. Saves power too.

 

[C DM]

That is what I do as well. Saves power too.

I've had it on and off for periods of times and have seen no power usage differences one way or another.

 

[adamhenry]

I've had it on and off for periods of times and have seen no power usage differences one way or another.

Well it might be more theoretical than practical but if wifi is enabled it will be listening which takes some power and then transmitting when it detects a signal which definitely takes power.

 

[GreyOS]

There is a simple fix for this problem and I am not sarcastic at all: don't use public wi-fi connections.

erm isn't the point that it forces you to connect?

“Anyone can take any router and create a Wi-Fi hotspot that forces you to connect to their network, and then manipulate the traffic to cause apps and the operating system to crash,” Sharabani told the RSA security conference in San Francisco today.

 

[FatPuppy]

erm isn't the point that it forces you to connect?

What? I don't get what you're saying.

 

[GreyOS]

What? I don't get what you're saying.

you seem to be saying don't connect to public wifi connections, but it reads like this exploit forces your phone to connect without your choice.

 

[FatPuppy]

you seem to be saying don't connect to public wifi connections, but it reads like this exploit forces your phone to connect without your choice.

So you're saying that the hacker can turn on my wifi on my iphone and connect it to his wifi ? That would be insane.

 

[GreyOS]

Evil Wi-Fi kills iPhones, iPods in range – 'No iOS Zone' SSL bug revealed

it might not be able to turn on the wifi, I'm not sure. but leaving wifi on and not connecting to public wifi would still be following your initial advice. if you mean turn wifi off when you leave the house, ok... though remember people may still need to use private wifi that's within range of public wifi too

but yes with wifi on it looks like it can force you to connect, I think?