You can still brick an iPhone running on iOS 9.3 using January 1, 1970 bug and public Wi-Fi
If you are sitting in an Coffee Cafe Day outlet and suddenly you iPhone breaks down, you should know that it has been hacked using the public Wi-Fi hotspot using NTP request. Two security researchers Patrick Kelley and Matt Harrigan have uncovered a new way to exploit the infamous January 1, 1970 bug that was found to be the cause of bricked iPhones in February.
Readers may note that Apple has patched the January 1, 1970 bug in its latest iOS 9.3 version. However the method discovered by Kelley and Harrigan relies on the way in which an iPhone constantly looks for trusted Wi-Fi networks. This method can be used by hackers to brick your Wi-Fi connected Apple device, without you even knowing it was happening.
In a hypothetical example described by Krebs on Security, if a user confirms that a network called “attwifi” is a trusted connection, any subsequent network they come into contact with boasting the same name will connect with their iPhone. That way, when users revisit the same location frequently, they never have to fiddle with going through the Wi-Fi set-up process again. But the feature could be used to silently weaponize the 1970 bug, connecting users to similarly-named networks they’ve never encountered and altering the date and time stamps of their iOS devices.
In their research, Kelley and Harrigan used this feature of iPhones and iPads to build a nefarious Wi-Fi network, harnessing the requirement of iOS devices to occasionally connect to a network time protocol (NTP) server to keep date and time in sync. Once a user connected to their thought-to-be trusted network, the iPhone would reconfigure its software to update the date and time information from Kelley and Harrigan’s own NTP date, which they specified as January 1, 1970.
Harrigan, president and CEO of San Diego-based security firm PacketSled noted as follows :
“One thing we noticed was when we set the date on the iPad to 1970, the iPad display clock started counting backwards. While we were plugging in the second test iPad 15 minutes later, the first iPad said it was Dec. 15, 1968. I looked at Patrick and was like, ‘Did you mess with that thing?’ He hadn’t. It finally stopped at 1965, and by that time [the iPad] was about the temperature I like my steak served at.”
Apple has fixed the issue and anyone running iOS 9.3.1 will be protected from the new iteration of the 1970 bug. Older iOS releases, including the original iOS 9.3 update, are still susceptible, however.