At the RSA 2015 conference Adi Sharabani and Yair Amit (team Skycure) αποκάλυψαν μια ευπάθεια zero-day στο iOS 8 που όταν χρησιμοποιηθεί από ένα κακόβουλο ασύρματο Hotspot, can repeatedly crash all Apple devices i.e. iPhones, iPads and iPods.
The researchers they called the attack “No iOS Zone”, and it can make all iOS devices vulnerable and unstable or even completely useless by causing constant reboots.
“Anyone can from any router create a Wi-Fi hotspot and force you to connect to their network. He can then manipulate her movement για να προκαλέσει την κατάρρευση του λειτουργικού συστήματος,” ανέφερε ο Sharabani στο συνέδριο της RSA security today in San Francisco.
"There is nothing you can do about it, except maybe to avoid raiders. It's not a common denial-of-service where you can not just use your Wi-Fi - it is a denial-of-service that you will not be able to use your device even offline.
Denial-of-service attack is enabled by handling SSL certificates sent to iOS devices via Wi-Fi, and specially crafted data will trigger the application or possibly the operating system itself.
"Since the vulnerability has not been fully confirmed, and has not yet been determined, we have decided not to provide additional technical details to ensure that iOS users will not be exposed to Exploit," the researchers said.
View the videos of the presentation
https://www.youtube.com/watch?v=PmgI0LaFYLA
https://www.youtube.com/watch?v=i2tYdmOQisA
You can download the presentation of the attack in format PDF, from its official page RSA 2015 .