iOS Wi-Fi zone hack could wreck users’ head

22 Apr 2015

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Furious smartphone user, via Shutterstock

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

An intricate iOS Wi-Fi hack that can wreak havoc on any users out there has just been discovered, and it looks incredibly annoying.

The capability to create what is in essence a ‘No iOS Zone’ was discovered by Skycure during a series of tests recently.

An attacker could essentially create their own dodgy ‘free Wi-Fi’ network and allow iOS users to join it when in range.

Then, by tripping another glitch it could send the iOS devices into a constant spiral of restarting, until the person left the range.

“Basically, by generating a specially-crafted SSL certificate, attackers can regenerate a bug and cause apps that perform SSL communication to crash at will,” said the company, when talking in general, before honing in on Apple’s own operating system.

iOS Wi-Fi hack is car-crash for users

Essentially the SSL-parsing vulnerability discovered affects the underlying iOS and, with “heavy use” of iOS devices exposed to the vulnerability, the whole thing can crash.

Skycure then found a way to loop the crash, making quite the iOS Wi-Fi hack.

When combined with WiFiGate, something they discovered in 2013 that lets you comandeer devices’ access to Wi-Fi in a given zone, it all adds up to a disaster for iOS.

“Think about the impact of launching such an attack on Wall Street, or maybe at the world’s busiest airports, or at large utility plants. The results would be catastrophic.”

Skycure went on to say that it monitors for such instances and that, in fact, there’s not a whole lot to worry about.

Well, as long as you take an active role in choosing what Wi-Fi networks you opt to connect to.

Furious smartphone user, via Shutterstock

Gordon Hunt is senior communications and context executive at NDRC. He previously worked as a journalist with Silicon Republic.

editorial@siliconrepublic.com