Apple iOS vulnerable to WiFi SSL bug that can lock devices2015-04-24 09:01 by Daniela
Tags: Apple, iOS, SSL
Researchers at Skycure have found that Apple devices using iOS 8 are vulnerable to fly-by WiFi attacks. The bug allows nearby attackers to send apps that can cause an endless reboot cycle and temporarily makes the devices useless.
Called "No iOS Zone" it allows a rogue WiFi hotspot to launch a DDoS (Distributed Denial-of-Service). The attack can be achieved by exploilting a flaw in the SSL security certificate of iOS 8 which leaves the device wide open.
"This is not a denial-of-service where you can't use your Wi-Fi – this is a denial-of-service so you can't use your device even in offline mode," SkyCure CEO Adi Sharabani said."When their programs crash, people tend to put this off as a quality issue," he added. "But it can be a serious vulnerability."
The company has reported the issue to Apple, and say they are working with the manufacturer on a fix. The latest iOS version, the 8.3 released this month, fixed some of the vulnerabilities, while others are still not patched.
Read more -here-