Upgrade the iOS firmware as soon as possible. The problem of "1970 bricking" of firmware before 9.3 is still unsolved | Ainongji

In March, Apple officially released iOS 9.3 to fix the problem of "1970 bricking". In iOS Under version 9.3, if users want to adjust the time, they can only adjust it to January 1, 2001 at the earliest, to prevent the sale of "1970 brick changing" in disguise. However, two researchers found that it exists in iOS again The vulnerability in 9.3 and earlier versions of the system allows iOS devices to reproduce the "1970 Brick Changing" problem.

Internet security researchers Patrick Kelly and Matt Halligan sent a message on Wednesday 9.3.1 A security vulnerability has been found in the previous system, which can make the iPhone and iPad reproduce the "1970 brick turning" problem. The so-called "1970 Brick Making" problem refers to putting the iPhone or iPad The time of is set as January 1, 1970. After the machine is turned off and turned on again, the device will "brick" and cannot be started until the battery is exhausted. Apple also confirmed this problem, saying that if the system time was manually set to May 1970 or earlier, the iPhone, iPad and iPod touch would not restart.

The two security personnel said that this time, we need to take advantage of the two "weaknesses" of iOS. The first point is that iOS devices can automatically connect to connected WiFi networks. That is, if a malicious WiFi hotspot mimics a known WiFi hotspot, iOS devices may automatically connect to a malicious WiFi network.

The second point is that iOS devices are generally set to automatically connect to the network time protocol NTP server to check the system time and date. What the two researchers need to do is to create a fake wireless network hotspot, and then build an NTP server (disguised as Apple If the server is time. apple. com), you can change the iOS device date to January 1, 1970.

Two security personnel have notified Apple of the vulnerability, and Apple has fixed the vulnerability in iOS 9.3.1. However, a large number of users, including prison break enthusiasts and small white users, may not have upgraded the latest firmware, which brings some risks to them.