在 Twitter 上看到別人 retweet 的新聞:
#iOS8 Vulnerability Lets Hackers Crash Any #iPhone and iPad Within Wi-Fi Range http://t.co/FssgRWikFu pic.twitter.com/xl6q99JJQx
— The Hacker News (@TheHackersNews) April 22, 2015
在 RSA Conference 發表的 0-day exploit:「iOS 8 Vulnerability Lets Hackers Crash Any iPhone and iPad Within Wi-Fi Range」。
Adi Sharabani and Yair Amit of Mobile security firm Skycure presented their latest research, titled "No iOS Zone", at the RSA security conference in San Francisco on Tuesday.
示範影片:
起因自 iOS 對惡意 SSL certificate 的處理會造成重開機:
All an attacker need to do is create a malicious wireless network that uses the Wi-Fi connection in order to manipulate SSL certificates sent to iOS handsets.
目前最好的解法是關閉無線網路:
Another best measure is to simply avoid the free wireless networks you find in the street providing public Internet access.