reader comments
24 with 20 posters participating
Apple has been taking its time fixing an iOS bug that makes it easy for miscreants to completely disable an iOS device unless the victim performs a factory restore and follows other cumbersome steps, a researcher said.
HomeKit is an Apple-designed communication protocol that allows people to use their iPhones or iPads to control lights, TVs, alarms, and other home or office appliances. Users can configure their devices to automatically discover appliances on the same network, and they can also share those settings with other people so they can use their own iPhones or iPads to control the appliances. The sharing feature makes it easy to allow new people—say, a housesitter or babysitter—to control a user’s appliances.
Trevor Spiniolas, a self-described programmer and “beginning security researcher,” said recently that a bug in the feature allows someone to send an iOS device into an unending crash spiral. It can be triggered by using an extremely long name—up to 500,000 characters in length—to identify one of the smart devices and then getting a user to accept an invitation to that network.
As the demonstration videos below show, the device slowly becomes unresponsive until it eventually seizes up completely. Rebooting the device doesn’t help. By the time the login screen appears, it’s impossible to enter a passphrase. The only thing left to do is to perform a factory restore. And even then, once the device is restored, it will once again become unresponsive as soon as it logs back into the user’s iCloud account during setup.
zero-click vulnerabilities that frequently allow attackers to execute malicious code on iPhones. But if Apple wants to encourage users to trust their iOS devices, it really ought to fix this bug. Apple representatives didn’t respond to an email seeking comment for this article.