New iPhone Wi-Fi SSID Bug Disables Wi-Fi And Requires A Factory Reset To Fix
Do you know what would be great? If Apple would stop dragging its feet on a weird bug in iOS that makes it possible to disable an iPhone's ability to connect with a Wi-Fi network. Same goes for iPad devices, presumably. The problem lies with SSIDs that contain certain characters—if you connect to one with your iPhone, it could kill your Wi-Fi, possibly requiring a factory restore to get it back.
This came to light last month when researcher and reverse engineer specialist Carl Schou found that when joining a network with the SSID set as %p%s%s%s%s%n, it would disable the device's Wi-Fi. In some cases, however, it seems the issue could be resolved by resetting the phone's network settings, an option that can be found by heading to Settings > General > Reset > Reset Network Settings.
Now a few weeks later, Schou reports that another SSID could be even more malicious, as it not only disables an iPhone's Wi-Fi, but it also persists even after resetting the network settings.
"You can permanently disable any iOS device's Wi-Fi by hosting a public Wi-Fi named %securityclub%power. Resetting network settings is not guaranteed to restore functionality," Schou wrote on Twitter. "Seriously, I still don't have Wi-Fi. I have reset my network settings a handful of times, force restarted the iPhone and am out of ideas."
Sure, nobody should go around connecting to random SSIDs, especially ones that look like nonsense. But putting the onus entirely on users misses the point—this is a flaw that Apple should correct, and it should do it sooner than later. Plus, if a user has their phone configured to join public Wi-Fi networks without asking (bad idea), then simply coming within range of the malicious SSID would be sufficient to ruin an iPhone user's day.
What seems to be at play here is the "%s" part of the SSID, which prompts iOS to use a referenced string that most likely does not exist. If that is the case, it leaves the door open to more tantalizing SSID names. For example, security researcher Alex Skalozub told The Register that he accomplished the same thing by naming an SSID "%Free %Coffee at %Starbucks."
Tech savvy people would find such a name highly suspicious, but depending on how cleverly the SSID is constructed, it is conceivable that someone who is less tech savvy would try to connect, and then be faced with a factory reset to restore Wi-Fi capabilities. Not cool.
If you use an iOS device, first and foremost, be wary of oddly named SSIDs (duh). That is Security 101. Secondly, be sure your device is not configured to automatically join networks willy-nilly. And lastly be on the lookout for a minor update in the near future, as we imagine Apple will get around to patching this exploit at some point (and hopefully soon).
