Science

Here's How Dishonest Wifi Can Remotely "Brick" Your iPhone

If you are running an old version of iOS, it could happen to your phone.

by Nickolaus Hines
Zach Straley

Time travel will auto-brick your iPhone.

In February, Zach Straley uploaded a YouTube video that shows something truly disturbing: Manually setting the date on an iPhone 5s and newer to January 1, 1970, permanently “bricks” it. Sure it takes some scrolling, but it was one of the easiest ways to kill an iPhone. And people paid attention: the video garnered more than 7.4 million views.

According to Straley, the Genius Bar couldn’t solve the problem either, and would just replace the phone. Still, only a sick, cruel person would steal your phone, take the time to scroll the date to 1970, and destroy it forever. But in today’s connected world, if it can be done by hand, it can be done wirelessly.

Security researchers Patrick Kelley and Matt Harrigan applied $120 of electronics and their technical skills to some Apple knowledge.

They found a way to wirelessly time-travel an iPhone to death.

This is your warning: if you haven’t updated your Apple device to at least iOS 9.3.1, this could happen to you.

The problems start because Apple products inherently trust wireless network names they have connected to before. Rather than re-authenticating a connection each time the device comes across a wifi with a known name, it jumps on it. Therefore, if you connect to a wifi called “DontStealThis,” your Apple product will automatically join any other wifi network with the name “DontStealThis.” The same goes for all public access names you might come across in your neighborhood Starbucks.

A hacker with the wrong intentions could go to a public access spot and set up his or her own wifi that has the same name as the legit open network. Unknowing people would log on and go about their business, thinking they are on a safe public wifi, and the hacker has access to their device.

This could lead to all kinds of issues, but when it comes to the public bricking, Apple products’ Network Time Protocol (NTP) is where the threat lies. The NTP synchronizes a device’s clock based on the data network to which it’s linked. Devices sync internal date and time clocks according to the NTP on the wifi, which in the hacker’s case, is set to the deadly date of January 1, 1970.

All of the applications on the Apple device try to adjust to the date at once. The processor can’t handle it, and Harrigan and Kelley found that an iPad they tested hit 130 degree Fahrenheit. Needless to say, the iPad was toast. 🔥

“The reboot caused all iPads in the test to degrade gradually,” Harrigan and Kelley write in a paper they shared with KrebsOnSecurity. “Beginning with the inability to unlock, and ultimately ending with the device overheating and not booting at all. Apple has confirmed this vulnerability to be present in 64 bit devices that are running any version less than 9.3.1.”

It turns out that iPhones are a little better protected from this hack than wifi-only iPads, because they get their time from cell signals. Still, Harrigan and Kelley warn that it’s not impossible to overheat a phone with a mobile network that sends January 1, 1970, date and time information via cellular tower.

What should you take away from this? The likelihood of this attack is pretty low, especially for an iPhone, but you should probably update to at least iOS 9.3.1 just to be safe.