Apple's iPhones have a tendency to connect to public Wi-Fi networks automatically which they've been connected with before but they can also connect to malicious Wi-Fis which bear the same name as the ones they recognise.
Forget public Wi-Fi, your phone battery is helping hackers track you around
Two researchers working for PacketSled and CriticalAssets.com noted that iPhones and iPads constantly update “network time protocol” through Wi-Fis to sync their date and time settings. Using a malicious Wi-Fi with a name that an iPhone recognises, a hacker can feed in January 1, 1970 as the date which ends up crashing the iPhone.
"The researchers said they discovered they could build a hostile Wi-Fi network that would force Apple devices to download time and date updates from their own (evil) NTP time server: And to set their internal clocks to one infernal date and time in particular: January 1, 1970," wrote security researcher Brian Krebs in his website.
The researchers created a malicious Wi-Fi network named 'PhoneBreaker' and tested their theory on a few iPads. As soon as these iPads connected to the network, they re-booted and failed to start again. As per Krebs, the logic behind this phenomenon is that encryption certificates in iPads, which encrypt data sent and received by the devices, fail to work if the date and time settings of iPads are set to dates which pre-date the year when these certificated were issued.
Thanks to the demise of encryption certificates, applications inside the affected iPads start competing for resources and thereby put immense strain on the CPUs within, thus heating up the iPads.
Eight tips and tricks to stay safe online and how to check if your details have been sold to hackers!
"The reboot caused all iPads in test to degrade gradually, beginning with the inability to unlock, and ultimately ending with the device overheating and not booting at all. Apple has confirmed this vulnerability to be present in 64 bit devices that are running any version less than 9.3.1,” said Patrick Kelley and Matt Harrigan, the researchers in question.
Apple had to grapple with a major source of concern for users after it turned out that iPhones and iPads bricked themselves as soon as their dates were set to January 1, 1970. The smartphone giant quickly released a new version of iOS named iOS 9.3.1 to fix the bug in question. However, the recent experiment by the researchers Kelley and Harrigan revealed that the flaw still exists and can be taken advantage of by not-so-well-meaning hackers.
If you are concerned that your iPhone or iPad may also connect automatically to unsecured public Wi-Fi networks run by hackers, you can enable “ask to join networks” in your device' Wi-Fi settings to ensure that your handset doesn't connect automatically to unknown networks. However, this method won't stop your iPhone or iPad from connecting to Wi-Fi networks that they are already familiar with. In such cases, you will need to constantly check if your phone is connected to any Wi-Fi network and manually disable the connection if you don't trust the network.