Have MAC, will hack: iThings have trivial-to-exploit Wi-Fi bug

iThing owners, do not skip iOS 11: it plugs a dead-easy-to-exploit drive-by Wi-Fi bug. All an attacker needed to own a phone with a vulnerable Broadcom Wi-Fi chip was the target's MAC address, and exploit code running on a laptop. As shown in this now-unsealed Google bug thread, this discovery by Gal Beniamini – very like one …

  1. Anonymous Coward
    Anonymous Coward

    First of many, no doubt

    Now that security researchers have started digging around in smartphone wifi chips for exploits, I expect such issues will be regularly reported on both iOS and Android over the next year.

    What worries me are all the places they haven't looked too much yet (especially Qualcomm's cellular baseband) where no doubt a lot of problems lie. The NSA and other state sponsored hackers have probably stolen Qualcomm's code long ago and have an extensive list of 0 days they can use in that space.

  2. Anonymous Coward
    Anonymous Coward

    iOS 11 brings more issues

    The toggle switches in iOS do not turn off Wifi and Bluetooth - just disconnect, as noted by I am David Jones on another thread. Even if you go in to settings to fully turn them off, they are auto switched back on at 5am every day.

    https://support.apple.com/en-us/HT208086

    I'm waiting for 11.1

    1. Anonymous Coward
      Anonymous Coward

      Re: iOS 11 brings more issues

      To clarify, the toggle switches in iOS 11 do not turn Wifi and Bluetooth off - I understand they do in iOS10.

      The main point remains: In iOS11 Apple switch WIFI and Bluetooth on every day at 5am.

    2. Anonymous Coward
      Anonymous Coward

      Re: iOS 11 brings more issues

      From the link you supplied the 5am auto switch-on is only enabled via the control panel, which as you write is a device disconnect only. The settings still really switch everything off:

      If you want to completely disable Wi-Fi and Bluetooth for all networks and devices, follow these steps:

      To turn off Wi-Fi, go to Settings > Wi-Fi and turn off Wi-Fi.

      To turn off Bluetooth, go to Settings > Bluetooth and turn off Bluetooth.

      For the best experience on your iOS device, try to keep Wi-Fi and Bluetooth turned on.

      It's still a daft UI though. Off should mean off.

      1. This post has been deleted by its author

      2. Anonymous Coward
        Anonymous Coward

        Re: iOS 11 brings more issues

        Oh, so as long as I go in to settings I'm still in control. Which I often have to do anyhow to choose the right wifi network. Thanks for the more careful reading of the article.

      3. Velv
        Big Brother

        Re: iOS 11 brings more issues

        "For the best experience on your iOS device, try to keep Wi-Fi and Bluetooth turned on."

        In other words, in order for us best to track your every movement in real time it's best if you keep Bluetooth and Wi-Fi turned on.

        1. Anonymous Coward
          Anonymous Coward

          Re: iOS 11 brings more issues

          No, I don't believe that. This is more an example of Apple paternalism that helpfully (!?) gets your day off to a good start by reconnecting you to the mothership so everything is ready to go when you get up. It is a real problem for activists, reporters or anyone else that needs to keep their current location around and about that time hidden. For most anyone else, not a big deal. Hopefully.

          1. Anonymous Coward
            Anonymous Coward

            Re: iOS 11 brings more issues

            Yes I agree. Think like your grandma instead of like a technically inclined person. It is easy to accidentally pull up control center and randomly change the state of stuff. Having it 'reset' overnight is not that bad of an idea for people like that. Having off mean off in Settings makes sense from this perspective, because it is less likely to be run accidentally.

            They probably should have done something to make people aware of this change, like say the first time you turn one of them off in control center it lets you know they will be re-enabled at 5am and to use Settings if you want it to be more permanent.

            I'm sure this was deliberate, is probably documented somewhere as such.

          2. Ian Michael Gumby
            Boffin

            @fake jack of shadows... Re: iOS 11 brings more issues

            Look Rock, (yeah I know the series) ;-)

            It's not just 'activists or reporters' so why don't you jack your anti-establishment wannabe attitude down... ok?

            It's a bit more troublesome than that.

            It's a way for Apple to track your movements and habits. Like when you go in to the mall and they want to track your movements to see what stores you visit. Even if they don't connect, just listening for your BT and WIFI queries is enough.

      4. Anonymous Coward
        Anonymous Coward

        Re: iOS 11 brings more issues

        > Off should mean off.

        Off does mean off.

        The iOS 11 Control Centre toggles mean Disconnect/Reconnect. They say "Disconnected", not "Off", when disconnected.

        Local connectivity between a user's personal devices, e.g. iPhone, Apple Watch, Mac, iPad, Apple Pencil, AppleTV, is available for core iOS/macOS/tvOS features between these devices.

        Continuity features like Handoff, Universal Clipboard (across devices), Cellular Calls/SMS (from another device via iPhone), Instant Hotspot, Auto Unlock Mac via Apple Watch.

        Apple users use these features all the time, and want these features to continue working, while quickly toggling disconnecting from some (maybe broken) WiFi, or quickly force disconnecting some BT device.

        > To turn _off_ Wi-Fi, go to Settings > Wi-Fi and turn off Wi-Fi.

        > To turn _off_ Bluetooth, go to Settings > Bluetooth and turn off Bluetooth.

        Exactly. And it says "Off" there, and stays off. It's not hard and there is little reason to be bothered with these janitor tasks either. Playing Mr. Systems Integrator is for Linux Desktop use cases.

        The Control Centre UI is perfect for actual Apple users and solves a real issue with broken third party connectivity while maintaining core OS behaviour across local devices.

        This is another faux-outrage created by non-Apple users, as usual.

        1. diodesign (Written by Reg staff) Silver badge

          Re: anonymously

          "This is another faux-outrage created by non-Apple users, as usual."

          Apple is being super confusing here.

          "In iOS 11 and later, when you toggle the Wi-Fi or Bluetooth buttons in Control Center, your device will immediately disconnect from Wi-Fi and Bluetooth accessories. Both Wi-Fi and Bluetooth will continue to be available"

          Will both continue to be available even though disconnected. Huh? Turns out you have to go to the *settings* page:

          "To turn off Wi-Fi, go to Settings > Wi-Fi and turn off Wi-Fi.

          To turn off Bluetooth, go to Settings > Bluetooth and turn off Bluetooth."

          You can see why it's irritating people. Off should always be off, not nearly off until you find the other lever to pull.

          C.

          1. Anonymous Coward
            Anonymous Coward

            Re: anonymously

            Although I think it ought to be made clearer, I can see why Apple did this.

            The user default is all of the radios enabled, killing it occasionally when circumstances require it. In this context the automatic re-enabling makes sense, and it also explains why they added a switch for mobile data - that is massively helpful when I'm abroad in a non-EU region.

            Those who stray from the default can go into settings and make more permanent changes.

            I've now done the upgrade and apart from the apps that were signalled not to work it appears to work OK, even to the point of doing airplay to my Mac (via Reflector 2 software). Podcasts and music (you know, the applications that initially made the iPhone interesting when it was launched) have still not learned to cope with landscape mode, and neither has Settings. If you were in the habit of searching for an app to start it, you will find that after update this only works if you have enabled the "Siri & search" thing (to suggest it in apps) which is a pain.

            Last but not least, the "Answer calls on other devices" no longer wants to enable, it alleges that the other devices are not logged in to the same FaceTime & iCloud account for this to work (and they are, of course).

            So an OK-ish update, but some things still need ironing out.

    3. Anonymous Coward
      Anonymous Coward

      Re: iOS 11 brings more issues

      I'm waiting for 11.1

      Well, the current version is 11.0.1 so it's on its way :)

    4. Ian Michael Gumby
      Boffin

      @AC ... Re: iOS 11 brings more issues

      I noticed that right after I loaded it up on my phone.

      I used the buttons to turn it off and literally 5 minutes later the wi-fi was turned on.

      It was only after I went to the setting and slid the bar that it was turned off and stayed off.

      The toggle buttons on the pane seem to be an idiot thing and is a major bug.

      Apple is showing the lack of common sense.

      Free clue. When I want my wi-fi off and my Bluetooth off, I want them off. Automatically turning them on is an invasion of privacy.

    5. Ian Michael Gumby
      Flame

      @WARNING WARNING WILL ROBINSON .... Re: iOS 11 brings more issues

      So... I know I can shut off the Wi-Fi and Bluetooth from the Systems controller app.

      HOWEVER...

      Can someone tell me why every single app has a Siri suggestions toggle?

      Yeah. So unless you want SIRI turned on and running on your phone, you have to go to every app and turn off this selection.

      Very sneaky Apple and very bad.

      This is a way for Apple to spy on you when you run an app.

      1. Anonymous Coward
        Anonymous Coward

        Re: @WARNING WARNING WILL ROBINSON .... iOS 11 brings more issues

        There is indeed cause to ask Apple if this analysis leaves the phone (there's no indication it does, but I don't use Siri), but so far I have found that switching off apps in this list means that "search" no longer finds them.

        If you're in the habit of starting apps from the search field (which I do in both macos and iOS), you must have those apps enabled in that list or they will only show up when you have typed the name in full..

        1. Ian Michael Gumby
          Flame

          Re: @WARNING WARNING WILL ROBINSON .... iOS 11 brings more issues

          @AC

          It most certainly leaves the phone. Read the description. It's captured data as part of a recommendation engine.

    6. fidodogbreath

      Re: iOS 11 brings more issues

      Even if you go in to settings to fully turn them off, they are auto switched back on at 5am every day.

      No. The linked doc clearly states that the 5 AM reset applies to the Disconnect function in the control center. Turning off WiFi and Bluetooth in the Settings app turns them completely off.

  3. Not also known as SC
    Unhappy

    Now I'm Confused

    Only last week you were telling us NOT to upgrade. I'm confused...

    1. Anonymous Coward
      Anonymous Coward

      Re: Now I'm Confused

      I think the advice is to not not upgrade.

      1. DagD

        Re: Now I'm Confused

        Simple. Upgrade, but don't use Apple's Security Keychain for anything.

        In fact, good use of "bathwater" (-Hand of God, Season 2). Put a bunch of junk passwords in keychain and wait for your accounts to be locked out.

        1. Andrew Hodgkinson

          Re: Now I'm Confused

          But that's just it. I've bashed Apple's declining s/w quality relentlessly since the truly horrible days of the introduction of OS X Lion and iOS 7, but with High Sierra and iOS 11, the media is genuinely struggling to find anything wrong. Let's review the list:

          * 32-bit apps stop working. Um, hardly a bug; that's been advertised since 2014, with non-64-bit app submissions to the store rejected for at least two years. iOS 10 started warning users about it, in increasingly strong terms. If you rely on a 32-bit app then yeah, it's crappy and you can't upgrade, but it's still a 3-year-old well advertised deprecation and means you are using an app that can't have had a single update or security patch in at least two full years.

          * You can't turn off WiFi and Bluetooth! Panic! Uuuh, except you can, in Settings. Questionable UI for anyone but novices in Control Centre for sure, but the rationale is well explained in the Apple knowledge base article - it seems journos can't be arsed even reading *that* much these days though.

          * An actual bug! The Exchange connection issue. I didn't experience it, but enough did that 11.0.1 is already out and fixes it. So, that's gone.

          * Another bug perhaps? Some people report slow application launch times. I've not noticed it being slower, but then I've been on the beta a while before the final release and perhaps I got used to it. There could be a genuine issue here. The "double launch" UI animation bug is still present, so clearly something is amiss. This one seems legit.

          * Worse battery life! Yeah, as with every update. Every single one. Spotlight reindexing and usage profiling data restarts each time. In 1-2 days, it'll settle as it always does. Doubtless a few people out of the many millions who can upgrade will have bad patches that don't function properly and need to restore, which sucks, but is that a reason to have screamed "do not upgrade" a day or two ago? No.

          Aaaaand that's it so far. That's all. To me, that's basically mind blowing. I've never seen an OS release from anyone with so few headline bugs at release, even before iOS 11. There are little UI glitches all over the place, but nothing breaking the device functionality. Quite something, especially given the magnitude of changes on the iPad, which pretty much all seem to work properly.

          High Sierra is a similar story and, very rarely for modern Mac OS, actually runs faster than 10.12 on some older hardware, allegedly thanks to Metal 2 and (for all-Flash storage devices) APFS. It certainly sped up my 2011 MBP. Again, very few significant bugs are evident, despite an entirely new filesystem; amazing. Yes, it's still a pale shadow of 10.6 thanks to ongoing absurd RAM requirements and such, but even the RAM problems are much reined in compared with 10.12. Perhaps being stuck on 16GB max in laptops thanks to Intel limitations has been a motivator!

          So I can say what I like about the intermediate years, but they seem to have genuinely knocked it out of the park on this one.

    2. Anonymous Coward
      Thumb Up

      Re: Now I'm Confused

      It's simple: if you have upgraded, then you shouldn't have done. If you've not upgraded, then it's important that you do so right now.

    3. Paul Crawford Silver badge

      Re: Now I'm Confused

      It's a simple choice really:

      1) Upgrade now and break your applications and get lots of annoying new bugs

      2) Don't upgrade and get your machine screwed over by miscreants

  4. Anonymous Coward
    Anonymous Coward

    How convenient

    That this should come out at a time when it's very handy for Apple, nudging people to upgrade their devices onto a newer iOS which will then no doubt, like most other versions slow these devices down and increase the chances of them upgrading.

    1. Naselus

      Re: How convenient

      ...Or it's come out now because Google have responsibly waited a decent period after informing Apple of the bug before making a potentially devastating attack vector public. Seriously, I hate Apple, but this isn't suspicious.

  5. Rob D.

    iPhone 5

    And there I was hoping to hold out a little longer before having to change the phone. Still trying to find out whether Apple will pop for an update on this or similar devices on the iOS10 branch given how many are still in circulation.

    1. Naselus

      Re: iPhone 5

      Pretty sure the answer for that will be decidedly no. No phone manufacturer is likely to regard supporting a phone from 2012 as their problem; most drop out at 2 years and even Apple's and Samsung's "long-life" flagships rarely see support beyond 3 years.

      1. Velv
        Coffee/keyboard

        Re: iPhone 5

        While I suspect you're right and no manufacturer will "support beyond 2 years", this is not a situation we the consumer should be simply accepting.

        A smartphone is no longer just a bunch of cheap electronic components, it is an entire computing device costing several hundred pounds (or £1,000+ for some!).

        We wouldn't accept Windows, Linux or MacOS being out of support after two years, so why should we accept it for iOS or Android (or any other that comes along). I can understand manufacturers having a warranty on the hardware of 1-2 years, but the OS as a soft item should be supported and upgraded for a realistic life. We're not talking about feature enhancements, we're talking security, and let's face it, in the vast majority of cases the core code will not have changed for the same security vulnerability over the years, so the fix will generally be known to the author.

        1. Anonymous Coward
          Anonymous Coward

          Re: iPhone 5

          My experience is in the 4 year range for Apple things getting out of date which is not unreasonable, but it does mean it's best to flog devices after 3 years (better street price than Apple exchange value)..

          As for apps, I have an older iPad which doesn't go beyond iOS 10.3.3, and I moved all the "will not work in iOS 11" apps onto that. None of these were critical, but I can imagine that some people will face unpleasant surprises.

    2. Speltier

      Re: iPhone 5

      At the moment iOS 11.0.1 is available for iPhone5. iPhone4 is out of luck, hanging in at iOS9 (but think of how much money was saved by not upgrading since 2010!).

      Good thing Androids are cheap, the only software upgrade path for most is via buying a new phone.

  6. Anonymous Coward
    Anonymous Coward

    In any case, lock your backup first.

    Before you venture into installing iOS 11, make a backup in iTunes, then go to "preferences - devices" and right-click on the backup so you can mark it as an archive. That way it will not be overwritten the next time you connect.

    Why Apple didn't ensure there was at least one backup stored I don't know.

  7. FlamingDeath Silver badge
    Thumb Down

    Responsibility

    Could you imagine a world where car manufacturers were able to produce cars with zero warranty, such as if the wheels fall off due to poor workmanship, tough luck, you used it by choice.

    This is the situation we're in with software, that software companies can just smash out code in a for profit driven environment with zero risk of being sued when the code falls apart, because you agreed to their terms of use.

    How long before people start getting killed due to poorly thought out code?

    There are some practices that should warrant jail time

  8. CrazyOldCatMan Silver badge

    Cool.

    Apparently, iOS now runs on Apple Macintosh computers..

    (Yes, slightly sarky, but could you at least try to make the subheads vaguely correct? Macs don't run iOS..)
