(888) 913-6266

Nanotek

Nanotek
  • About Us
    • Microsoft Partnership
    • Available Positions
    • Contact Us
  • Services
    • NanoConsult
      • IT Consulting Services
      • IT Support Services
      • Managed IT Services
      • Office 365 Migration Simplified
      • Microsoft Azure Managed Services
    • NanoCloud
    • NanoBackup
    • NanoVoice
    • NanoCreaDev
  • Industries
    • Legal
    • Financial
    • Manufacturing
    • Associations / Lobby Groups
    • Small Businesses
    • Enterprises
  • IT Support Options
    • Get Customer Support
    • Support Packages & Contracts
    • Emergency Support Services
  • Case Studies
    • Success Story Videos
      • NanoVoice
      • NanoConsult
      • NanoCloud
    • Testimonials
  • Resources
    • FAQ
    • Nanotek Blogs
    • Videos
    • Support Tools
  • Contact
    • Book Consultation
    • Request Quote
    • Request Cloud Demo
    • Referral Program
    • Contact Us
no iOS Zone
  • Like 

Security firm shows how to crash an iPhone with a wireless DoS attack

8 years ago nanotek

no iOS ZoneIt’s highly unlikely that people have experienced this on their iPhone or iPad, but it’s possible that iOS app crashes could be due to a wireless denial of service (DoS) attack.

That’s because SkyCure, a mobile device security company, has actually replicated the attack and explained it as high level during the 2015 RSA Conference.

Even worse, the attack can cause an endless reboot of your iPhone. SkyCure has kept the technical details to a minimum becuase it doesn’t want to provide would-be attackers with the exact method. And the company says it is working with Apple to help remove the potential vulnerability in iOS 8.

For the DoS to actually happen, a Wi-Fi router would need to be setup with a “specific configuration,” according to SkyCure’s blog post on the situation. A particuarly designed SSL certificate would be required for a hacker to perform the DoS, with a script exploiting this particuarly bug that SkyCure says is within iOS 8 and the apps on it:

“With our finding, we rushed to create a script that exploits the bug over a network interface. As SSL is a security best practice and is utilized in almost all apps in the Apple app store, the attack surface is very wide. We knew that any delay in patching the vulnerability could lead to a serious business impact: an organized denial of service (DoS) attack can lead to big losses.

” How might the exploit be implemented? Once an iPhone or iPad is connected to the Wi-Fi router that’s set up to exploit the bug, any iOS apps that rely on SSL communications would simply crash in a way that could makee the iOS device unusable. You can’t even disconnect from the offending Wi-Fi network, notes SkyCure, which has used the exploit to force an iPhone into an endless boot cycle.

Again, the exploit is an unlikely circumstance. And my immediate thought for if this were to happen would be to get my device out of range from the Wi-Fi router; ideally, that would cause the DoS attack to cease. This also reinforces the common sense notion to connect only to known Wi-Fi networks, no matter what phone, tablet or computer you use. Regardless, no exploit is a good exploit, so if Apple agrees with SkyCure’s analysis, I’d expect some sort of patch in a future iOS 8 software update.

Previous Post

Apple failed to fix "rootpipe" backdoor flaw, researcher warns

Next Post

10 Things you can do to make your Android device more secure

Recent Posts

September 2023
M T W T F S S
 123
45678910
11121314151617
18192021222324
252627282930  
« Mar    

Tweets

  • About Us
    • Microsoft Partnership
    • Available Positions
    • Contact Us
  • Services
    • NanoConsult
      • IT Consulting Services
      • IT Support Services
      • Managed IT Services
      • Office 365 Migration Simplified
      • Microsoft Azure Managed Services
    • NanoCloud
    • NanoBackup
    • NanoVoice
    • NanoCreaDev
  • Industries
    • Legal
    • Financial
    • Manufacturing
    • Associations / Lobby Groups
    • Small Businesses
    • Enterprises
  • IT Support Options
    • Get Customer Support
    • Support Packages & Contracts
    • Emergency Support Services
  • Case Studies
    • Success Story Videos
      • NanoVoice
      • NanoConsult
      • NanoCloud
    • Testimonials
  • Resources
    • FAQ
    • Nanotek Blogs
    • Videos
    • Support Tools
  • Contact
    • Book Consultation
    • Request Quote
    • Request Cloud Demo
    • Referral Program
    • Contact Us
  • Toll Free: (888) 913.6266
  • General: info@nanotek.ca Support: support@nanotek.ca Sales: sales@nanotek.ca
  • 81 Zenway Boulevard Unit #1, Vaughan, ON L4H OS5 Canada

_________

© 2017 Nanotek Consulting Corp. All rights reserved.