A new security flaw in iOS 8 discovered by researchers has proven that attackers can crash any iPhone or iPad over a WiFi network. The security bug crashes the iOS 8 devices, and in some cases renders the devices unusable by forcing it into a boot-loop.
The vulnerability named ‘No iOS Zone’was presented by the researcher from security firm skycure, at the RSA security conference. ‘No iOS Zone’ is a vulnerability in iOS 8 that allows attackers to crash any iOS device within the range of a WiFi hotspot – whether you deliberately connect or not. While the attack works on all iOS devices running iOS 8, the iPhones turned out to be more vulnerable than iPads.
The vulnerability takes advantage of a bug in iOS 8 allowing attackers to manipulate SSL certificates sent to iOS device over a network, that are used in almost every app and the iOS itself. By manipulating these SSL certificates, the researcher could make iOS devices crash, and in worst-case the devices went into bootloop, rendering them unusable. The only way to avoid such attack is by disabling the WiFi on your device.
The vulnerability doesn’t seem too bad, as the attacker needs control of the WiFi network the device to connected to in order to send those bad SSL certificates. So it’s best not to connect to any random WiFi hotspots, and you’ll most probably be fine.
The researchers made use of an older exploit, they’d named WiFiGate, and combined it with the SSL certificate flaw. All the iOS devices are pre-programmed by the carriers to automatically connect to certain WiFi networks. For example, all the AT&T iOS devices will automatically connect to any network called ‘attwifi’. There’s no way to prevent those devices from connecting to ‘attwifi’ network.
The attacker could set up a hotspot with suitable name in busy coffee shop, and then there’ll be no shortage of iOS devices automatically connecting to that hotspot allowing attacker to send those bad SSL certificates without device owner’s knowledge.
http://www.youtube.com/watch?v=PmgI0LaFYLA
There is nothing you can do about it other than physically running away from the attackers. This is not a denial-of-service where you can’t use your Wi-Fi – this is a denial-of-service so you can’t use your device even in offline mode.
Fortunately, the research company is not going to publicly share the vulnerability details, and is working with Apple on a fix, but any iOS device is theoretically vulnerable to the attack for now. Hopefully, we’ll see a fix in an ioS software update real soon.
[Gizmodo]