Posted on 04/23/2015 2:23:16 AM PDT by Swordmaker
At the 2015 RSA Conference, security researchers from Skycure showcased a new iOS 8 vulnerability which, if properly exploited, can send iPhones and iPads connected to a malicious hotspot into a reboot loop. The vulnerability affects both the operating system and apps that use SSL to communicate.
All that an attacker has to do to exploit the vulnerability is to set up a router in a "specific configuration", and allow anyone to connect (basically make it an open hotspot). The iOS 8 devices that connect will be affected, without the attacker having to have access to them.
Based on the information provided by Skycure, this vulnerability seems to have been discovered by mistake. "One day, during preparation for a demonstration of a network-based attack, we bought a new router. After setting the router in a specific configuration and connecting devices to it, our team witnessed the sudden crash of an iOS app. After a few moments, other people started to notice crashes. Pretty quickly, we realized that only iOS users were suffering from crashes".
Skycure isn't saying exactly what an interested party has to do to exploit this vulnerability, as it is not yet confirmed as fixed by Apple. However, the security firm says that attackers would have to generate a custom SSL certificate and create a script, the latter of which likely has to be loaded on the router.
Skycure notes that this vulnerability is pretty serious, as using SSL is recommended practice, and employed by most iOS apps. Attackers could exploit this vulnerability to instrument a massive DoS (Denial of Service) attack, which can "lead to big losses". Just imagine what might happen if routers inside a major corporation are compromised and used for such an attack.
Apple has been notified, and is likely working to fix this vulnerability. Because it is not yet confirmed as fixed, as I said earlier, Skycure isn't telling us everything about the vulnerability. In case iOS 8 users see apps crashing, they should disconnect from the hotspot they are using (by hitting the Forget This Network button in the hotspot's settings, found in Settings -- Wi-Fi).
If the device is in the reboot loop, disconnecting from the hotspot might not be easy to do. In this case, simply going out of its range might allow users to have easy access to their device's Settings menu. They can also disable Wi-Fi, just to be sure their device won't reconnect.
Installing iOS 8.3 is also a good idea, as Skycure notes that it might have neutralized part of the threat. And, of course, users can (and should) also steer clear of public/free hotspots, which are generally insecure. Personally, I avoid them like the plague.
If you want on or off the Mac Ping List, Freepmail me.
bflr
I challenge the members of the Apple ping list to each donate at least $10 each to the latest Freepathon to counter such extortion. I will be donating $100. Let's show the power of the Apple Ping list in supporting Freerepublic!
I bet my 9 kids think mom and dad are faggots because we have all these apple products... no wait! I’m safe. I have a Windows gaming system.
.
I guess it’s time to activate the voice-operated system installer on my Steve Jobs Memorial iPad (bought the day after he died).
That is, I will hand the iPad to my son and say, “It wants a new OS.”
Many of the features on my Windows system are voice-operated, as well.
Isn’t technology great?
It’s interesting that a FReeper would use a treasured leftist tactic silencing the opposition instead of beating them in the arena of ideas.
Very telling.
Who is this person? Shouldn’t it be easy to get them banned? They must have contacted you through FR channels leaving some evidence for the admins, right?
Oooooh, scary click-bait sound-bite description. But really now, what would be the point of such an attack? There are much more effective ways -- and much easier ways -- to do a DDoS on a wireless network.
And the window of opportunity is small -- Apple will have this patched and distributed pretty quickly.
I'll be interested to see if anyone anywhere actually accomplishes this attack in the real world. Frankly, I doubt anyone would bother, other than as a lab demo like this.
If you look through the past few apple threads, it’s pretty obvious. There is one poster with a pretty severe case of ADS who appears to be obsessed with the apple-faggot meme.
Talk about dodging a bullet.
I'm a monthly donor, and donate more in Freepathons. I'll donate $100 on your behalf. Who is the fudge-packer harassing you? Swordmaker, you provide a valuable service to us on Free Republic. The troublemaker is nothing but a jerk, idiot, and so full of bile that he is destroying this site. I used to think that Free Republic was a wonderful site of conservatives who could debate rationally and keep things mellow between us. Lately, that has not been the case because of fools like the Apple-haters who are so vile. Because of that, I haven't been donating as much as in earlier years. This used to be a wonderful place. Please name the bad Freeper publicly and I'll donate $200. He probably gives nothing to support this site.
Freepmail wagglebee to subscribe or unsubscribe from the homosexual agenda ping list.
Be sure to click the FreeRepublic homosexual agenda keyword search link for a list of all related articles. We don't ping you to all related articles so be sure to click the previous link to see the latest articles.
Add keywords homosexual agenda to flag FR articles to this ping list.
I have been threatened by a member of Freerepublic that if I post anything again, he will offer Jim Robinson $2000 to banish me permanently from Freerepublic on the grounds I am, according to him, a "faggot." I am not homosexual; my girlfriend finds that uproariously hilarious, as do my two daughters. He claims this because I use Apple products and ping the 700 members of the Apple/Mac/iPhone/iPad/iOS ping list to articles about those topics. . . which he maintains come from a "faggot" company. He maintains all Apple users are "faggots."
Okay, this is just bizarre!
FReeper Swordmaker IS NOT a homosexual, nor is he promoting homosexuality.
It is an unfortunate reality that the entire computer/internet/communications industry is fully behind the homosexual agenda and has been for a very long time. Apple is, but so is Microsoft, Google, Yahoo, Intel, Samsung, Oracle, Sun, Ebay, Amazon, etc.
We all have to use their products and services to function in today's world, but that doesn't mean we support their corporate agendas. Some people love Apple products, some hate Apple; but it's really no different from the Yankees-Red Sox rivalry.
It is immature and petty to attack another FReeper based on what brand of computer or phone they use.
Don’t feel bad. I’ve got an iPhone whateveritis through my Verizon provider, and my wife’s been kidding me (I think) that I’m a homosexual for the 40 years we’ve been married.
So what?
“It is an unfortunate reality that the entire computer/internet/communications industry is fully behind the homosexual agenda and has been for a very long time. Apple is, but so is Microsoft, Google, Yahoo, Intel, Samsung, Oracle, Sun, Ebay, Amazon, etc.”
All political leftists, and sadly, run by the wealthiest people in the word. It does not bode well for our future.
World
I got pinged to this thread and I have no idea whatsoever what is going on.