No iOS Zone, A Vulnerability That Allows iOS Devices To Be Crashed Within Wireless Hotspots
Watch out: all the iOS devices can be vulnerable to attackers who can crash Apple iPhones, iPads and iPods when they are connected to any wireless hotspot. That is according to the “No iOS Zone,” a vulnerability exposed by researchers from security firm Skycure, at the RSA security conference in San Francisco.
“Anyone can take any router and create a Wi-Fi hotspot that forces you to connect to their network, and then manipulate the traffic to cause apps and the operating system to crash,” Skycure CEO Adi Sharabani said in his presentation at the the conference.
“There is nothing you can do about it other than physically running away from the attackers. This is not a denial-of-service where you can’t use your Wi-Fi – this is a denial-of-service so you can’t use your device even in offline mode,” he added.
The attackers may exploit the SSL certificates that are shared with Apple devices over the network. These certificates have usage in almost all the apps as well.
It is nearly impossible for users to escape from this vulnerability. This is because iOS devices come pre-set to connect to certain hotspot networks. To illustrate, iOS devices on AT&T will always set connection with any network called ‘attwifi’ so the customers seem in no control.
“As the vulnerability has not been confirmed as fully fixed yet, we’ve decided to refrain from providing additional technical details, in order to make sure iOS users are not exposed to the exploit caused by this vulnerability,”said Sharabani.