Thursday, April 14, 2016

iPhone even malicious WiFi brick how to do? L iOS9.3.1 it

iPhone even malicious WiFi brick how to do? L iOS9.3.1 i

Apple had previously released a patch for the 1970 issue - The BUG is the clock, set the date to January 1, 1970, the iPhone reboot the brick. This problem after updating latest iOS firmware, can be resolved. But there are still a lot of Apple's new device does not update the firmware: Krebs on Security of the latest news, it was configured by a malicious over WiFi network using 1970 issues can make your iPhone brick.
iPhone brick .jpg
Many people may think, as long as not even the so-called malicious WiFi network is not on the list? Since the terminal has now remember WiFi network functions, encountering the same ssid's WiFi will automatically reconnect. As long as such a WiFi configuration properly, your phone will automatically connect these natural WiFi.

"For example, you may be at Starbucks with their free WiFi, with the iPad to connect a named attwifi network. Once you do that, after you re-encounter the iPad called attwifi wireless network, it will automatically connect. This also for iOS devices to access the WiFi network easier.

"From the attacker's point of view, this is clearly a good use of the opportunity. Why? He just needs to be a fake attwifi Wi-Fi hotspot, people placed in intensive areas. Re-use specific hardware to amplify the WiFi signal, then many people will automatically connect to this malicious attwifi network. As a result, he will be able to check, modify or redirect network traffic accident that access to this network the iPad or other devices. "

In fact, once connected to such malicious network, the device will obtain the network configuration update time (NTP server) from the appropriate server, this server is the time set in the January 1, 1970, then, if you iOS device is not fitted with the latest firmware, you can restart the nature of the brick.

"At present, it remains unclear why these people want to do, possible explanation is: the vast majority of applications on the iPad is set to use the security certificate, encrypted data transmission systems and equipment for data if the time and date on the user device. is set to be earlier than the time the certificate was issued, then these encryption certificate is not used correctly. "

Of course, as long as your system is updated to iOS 9.3.1, you can avoid this problem.
Post a Comment