"One day, during preparation for a demonstration of a network-based attack, we bought a new router. After setting the router in a specific configuration and connecting devices to it, our team witnessed the sudden crash of an iOS app." "After a few moments, other people started to notice crashes. Pretty quickly, we realized that only iOS users were suffering from crashes."According to the researchers, the attack can render vulnerable iOS devices within range so unstable that they can be forced into a constant cycle of crashes. Although many may view such an attack as a practical joke, the truth is that such a "denial of service" attack could have a serious impact on organisations reliant upon their iOS devices. In their presentation, Amit and Sharabani could be used at political events, or by protestors in financial hubs.
"Anyone can take any router and create a Wi-Fi hotspot that forces you to connect to their network, and then manipulate the traffic to cause apps and the operating system to crash." "There is nothing you can do about it other than physically running away from the attackers. This is not a denial-of-service where you can't use your Wi-Fi – this is a denial-of-service so you can't use your device even in offline mode."The researchers say that they first informed Apple of the problem in early October 2014, and that iOS 8.3 appears to resolve some of the issues they uncovered. Chances are that this won't be the last time that a serious denial of service flaw is found in iOS. Just last month, Apple released iOS 8.2 which fixed a flaw that allowed hackers to restart iPhones by sending them a maliciously-crafted Flash SMS. More details of the "No iOS Zone" flaw can be found in the slide deck of the presentation given at the RSA conference. Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.