Security Research

Home » Security Research

TIME TO DIE – Bricking An iPad Over the Air

in Security Research by admin Comments are off

Research from PacketSled and Patrick Kelley, CISSP, CEH, MCP at Critical Assets proves it possible to remotely brick iDevices over-the-air. The team built the exploit based on Zach Straley’s research which exposed a flaw in iOS when a user to manually set the date of an iPhone or iPad to January. 1, 1970.



Using a custom Raspberry Pi setup built by Kelley, a wifi access point resembling a commonly trusted network spoofs Apple’s NTP servers to pass the 1/1/1970 date to the device. This starts a chain reaction of software instability resulting in a observed temperatures up to 54°C… which is hot enough to brick a device.

rpi
The rPi that killed the iPad


The team reported the exploit to Apple who released the update 9.3.1 to address the issue.


Read more on Krebs: krebsonsecurity.com

© 2016 PacketSled, Inc.