Researchers discover one other terrifying iOS flaw
It may’t have escaped your consideration that safety specialists have declared open season on Apple merchandise over the previous few weeks. At San Francisco’s RSA convention, an much more terrifying exploit has been revealed that has the facility to ship your iPhone or iPad right into a perpetual restart loop. Cellular safety agency Skycure has found that iOS eight has an innate vulnerability to SSL certificates that, when mixed with one other WiFi exploit, provides malicious varieties the power to create “no iOS zones” that may render your smartphones and tablets unusable. Earlier than you learn on, seize a roll of tinfoil and begin making a brand new case on your iPhone.
Broadly talking, any app that makes use of SSL certificates – which is nearly all of them – may be fed a dummy certificates that causes it to crash. If, nevertheless, you’ll be able to feed that very same dodgy knowledge into the working system itself, then the hardware can be thrown right into a perpetual loop of failed restarts. That may be simply achieved in the event you can arrange a WiFi community to behave like one of many trusted setups that iOS mechanically tries to hook up with. So, as Gizmodo says, all it takes is for somebody to construct a nefarious community, identify it “attwifi” they usually’ve obtained a honeytrap.
Skycure has already reported its findings to Apple and will not give away any extra particulars ought to it give hackers free reign to brick hundreds of units. Till the issue is fastened, customers are suggested to not belief free WiFi networks, maintain iOS up to date and, ought to they wander right into a “no iOS zone,” get out, shortly.