contador gratuito Saltar al contenido
Contact :

1970 bug can brickear devices with iOS 9.3 and earlier

Bug 1970

1970 bug

Among the many novelties that came with iOS 9.3 there was one that solved a bug in which if we set a specific date of 1970 the iPhone might not be able to start again. But it seems that the curse of 1970 has not yet been removed, since security researchers have found a variant with which one could bricke the device later, as soon as the iPhone connects to a Wi-Fi network. The new exploit use a combination of two weaknesses discovered in iOS, as reported by KrebsonSecurity.

The first of these weaknesses is that iOS devices are automatically connect to known networks, but depend on the SSID to identify them. An iPhone, iPod Touch or iPad will automatically connect to a malicious network that uses the same name as one of the networks to which it has been connected in the past. The second of the weaknesses is that iOS devices are programmed to constantly check that their date and time settings are correct by connecting to NTP servers.

1970 returns to threaten devices with iOS 9.3 and earlier

All the security researchers had to do was create their own Wi-Fi zone with the name “attwifi”, as they are used in Starbucks, and their own NTP (Network Time Protocol) server making them see that they are to deliver the date January 1, 1970.

The result? IPads that entered the range of the (bad) test network were restarted and began to self-destruct little by little. It is not clear why they do this, but here is a possible explanation: most applications on an iPad are configured to use security certificates that encrypt data transmitted to and from the user's device. These encrypted certificates cease to function correctly if the date and time of a user's mobile system are set in a year that precedes the issuance of the certificate.

The bug is related to the previous 1970 bug, but it is not the same, so it was not corrected with the release of iOS 9.3. His discoverers, security investigators Patrick Kelley and Matt Marrigan, informed Apple of the ruling and those of Cupertino fixed it on iOS 9.3.1. The researchers did what has to be done in these cases: inform and agree not to make the exploit until the responsible company had fixed it. We may think that the best thing would be to never publish it, but by doing so they gain prestige as security researchers. Of course, they endanger all those users who are still in iOS 9.3 and earlier versions.

The best accessories for your iPhone

Are you looking for a new case for your iPhone? An accessory for the Apple Watch? Maybe a Bluetooth speaker? Do not miss these offers on accessories and get the most out of Apple's mobile: