Security researcher, Carl Schou, has yet again found an iPhone WiFi network bug that renders your iPhone WiFi completely useless.
Keep in mind that this is coming only weeks after the same security researcher found a similar iOS bug where a certain carefully crafted WiFi network name can completely disable your iPhone’s ability to connect to Wi-Fi.
Schou explains that in this newest exploit, similar to the first, after joining a Wi-Fi network with a specific name, all Wi-Fi functionality on the iPhone was disabled from that point on.
In the first find, once an iPhone or iPad joined the network with the name “%p%s%s%s%s%n”, the device failed to connect to Wi-Fi networks or use system networking features like AirDrop. Even after a reboot, the issue persisted, although a workaround consisted of resetting all network settings and starting over.
Be aware that this resets ALL saved Wi-Fi networks on your iPhone (as well as other things like VPN access and cellular settings), thereby removing any knowledge of the malicious network name from memory. You would then join your standard home Wi-Fi as you normally would.
In this newest exploit, Schou tweeted that if an iPhone comes in range of a Wi-Fi network named ‘%secretclub%power’, then similarly to the first, that iPhone will no longer be able to use Wi-Fi or Wi-Fi related features. The difference is that even after a reset like the one explained above, the bug persisted.
Although Schou did not detail exactly how he figured this out, 9to5Mac offered a possible explanation for the sketchy bug:
“the ‘%[character]’ syntax is commonly used in programming languages to format variables into an output string. In C, the ‘%n’ specifier means to save the number of characters written into the format string out to a variable passed to the string format function. The Wi-Fi subsystem probably passes the Wi-Fi network name (SSID) unsanitized to some internal library that is performing string formatting, which in turn causes an arbitrary memory write and buffer overflow. This will lead to memory corruption and the iOS watchdog will kill the process, hence effectively disabling Wi-Fi for the user.”
– 9to5Mac
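The pattern 9to5Mac describes, shown as an added example (not code from Apple, 9to5Mac or the researcher): an SSID passed as data to a constant format string, plus a small audit helper that counts format directives in a network name. The function names and the log message text are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SSID_MAX 32 /* 802.11 SSIDs are 0..32 raw bytes chosen by the network owner */

/* UNSAFE pattern (comment only, never do this):
 *     snprintf(out, outlen, (const char *)ssid);
 * The SSID becomes the format string, so "%s" and "%p" read arguments that
 * were never passed and "%n" stores a byte count through one of them. */

/* Hardened form (hypothetical helper): constant format, SSID is only data.
 * "%.*s" bounds the read to ssid_len bytes, so no NUL terminator is needed. */
int log_ssid_safe(char *out, size_t outlen, const unsigned char *ssid, size_t ssid_len)
{
    if (ssid_len > SSID_MAX)
        return -1; /* not a valid SSID length */
    return snprintf(out, outlen, "joined network \"%.*s\"",
                    (int)ssid_len, (const char *)ssid);
}

/* Audit helper (hypothetical): count '%' bytes that would start a conversion.
 * "%%" is a literal percent sign and is skipped. */
size_t count_format_directives(const unsigned char *ssid, size_t ssid_len)
{
    size_t n = 0;
    for (size_t i = 0; i < ssid_len; i++) {
        if (ssid[i] != '%') continue;
        if (i + 1 < ssid_len && ssid[i + 1] == '%') { i++; continue; }
        n++;
    }
    return n;
}

int main(void)
{
    /* The two names quoted in the article, handled here purely as inert data. */
    const char *names[] = { "%p%s%s%s%s%n", "%secretclub%power" };
    char line[64];
    for (size_t i = 0; i < 2; i++) {
        size_t len = strlen(names[i]);
        log_ssid_safe(line, sizeof line, (const unsigned char *)names[i], len);
        printf("%s (directives: %zu)\n", line,
               count_format_directives((const unsigned char *)names[i], len));
    }
    return 0;
}
```

Compiling code that formats externally supplied strings with `-Wformat -Wformat-security` makes GCC and Clang warn about the unsafe call shape shown in the comment.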
Although that explanation makes it apparent that anyone is highly unlikely to find themselves accidentally faced with such an obscure and random chain of events, there’s always the possibility of a group of as*holes, who consider themselves “pranksters,” popping up in your space with open Wi-Fi networks using the malicious name.
As Apple has not yet issued a fix through an OS update and the workaround for the first bug is worthless against this latest bug, just be careful: if you see a Wi-Fi network name that even resembles the name above, ‘%secretclub%power,’ don’t join it. I promise you, your porn will be there when you get home.
Also, porn works over cellular but I understand the buffering jerk is no fun.