Wireless version of iOS 1970 date bug has the potential to remotely brick hardware
Two months back, iOS users were talking about a silly bug that was causing some big problems for users foolish enough to test it on their own hardware: by manually dialing back the iOS system date to 1970, users could effectively brick their devices. It was annoying, sure, but at least it wouldn’t happen by accident; it took a concerted effort to intentionally get the date that far back. And when Apple ultimately delivered a fix in the form of a new iOS release, that was the end of that, right? Well, not quite, and security researchers are now revealing how the 1970 glitch could have been devastating, as they show off how to remotely trigger it.
By using some network hardware (above) that spoofs a connection to Apple’s time servers, the attack wirelessly tells connected devices that the date is 1/1/1970.
Unlike the manual glitch, using NTP servers like this has a more gradual effect on system instability, but one with serious consequences all the same. Those include refusing to unlock, freezing up on boot, causing the hardware to get incredibly hot, and refusing to connect over USB. The temperature gets so high that it’s possible the attack does permanent damage to the battery.
When Apple first released its 1970 bug fix in iOS 9.3, it did so by preventing users from manually setting the date back so far, and we wondered if that would do enough to stop this vulnerability in its tracks (or if there might be some other way to get the date into that same glitchy state). Apparently that really wasn’t enough, and the researchers behind this attack indicate that after letting Apple know about their own wireless version of the date glitch, it took until iOS 9.3.1 to patch it. As a result, you might want to be extra careful of the wireless networks you connect to unless you’re running 9.3.1.