New Version of 'January 1, 1970 Bug' Can Brick Pre-iOS 9.3.1 Devices Over Compromised Wi-Fi Networks

by

Security researchers Patrick Kelley and Matt Harrigan have uncovered a new way to exploit the infamous January 1, 1970 bug that was found to be the cause of bricked iPhones in February. Despite Apple's patch of the original issue in iOS 9.3, Kelley and Harrigan discovered the way in which an iPhone constantly looks for trusted Wi-Fi networks could lend itself to the malicious bricking of a Wi-Fi enabled Apple device, without the user even knowing it was happening.

iPhone-6s-main
In a hypothetical example described by Krebs on Security, if a user confirms that a network called "attwifi" is a trusted connection, any subsequent network they come into contact with boasting the same name will connect with their iPhone. That way, when users revisit the same location frequently, they never have to fiddle with going through the Wi-Fi set-up process again. But the feature could be used to silently weaponize the 1970 bug, connecting users to similarly-named networks they've never encountered and altering the date and time stamps of their iOS devices.

In their research, Kelley and Harrigan used this feature of iPhones and iPads to build a nefarious Wi-Fi network, harnessing the requirement of iOS devices to occasionally connect to a network time protocol (NTP) server to keep date and time in sync. Once a user connected to their thought-to-be trusted network, the iPhone would reconfigure its software to update the date and time information from Kelley and Harrigan's own NTP date, which they specified as January 1, 1970.

Harrigan, president and CEO of San Diego-based security firm PacketSled, described the meltdown thusly:

“One thing we noticed was when we set the date on the iPad to 1970, the iPad display clock started counting backwards. While we were plugging in the second test iPad 15 minutes later, the first iPad said it was Dec. 15, 1968. I looked at Patrick and was like, ‘Did you mess with that thing?’ He hadn’t. It finally stopped at 1965, and by that time [the iPad] was about the temperature I like my steak served at.”

Harrigan and Kelley coordinated with Apple when they discovered their findings to avoid preempting the company's promise of a fix for the bug, and possibly encouraging its malicious use in the wild. As such, the company has fixed the issue and anyone running iOS 9.3.1 will be protected from the new iteration of the 1970 bug. Older iOS releases, including the original iOS 9.3 update, are still susceptible, however.

With the release of their research, the two security experts are understandably encouraging users to update their iPhones and iPads as soon as possible, and have created a video to better explain the issue.

Related Forum: iOS 9

Popular Stories

iOS 26

Everything New in iOS 26.2 Beta 3

Monday November 17, 2025 3:20 pm PST by
Apple provided developers with the third beta of an upcoming iOS 26.2 update, and there are still new features that are being added with each beta that we get. We've rounded up all of the changes that Apple made in beta 3. AirDrop Apple added new AirDrop functionality, providing a way for two people to share files temporarily without having to add one another as contacts. iOS 26.2...
Read Full Article20 comments
applecare apple care banner

Apple Brings New AppleCare+ Options to India

Tuesday November 18, 2025 8:42 am PST by
Apple today announced an expansion of AppleCare+ coverage in India, with new options for monthly and annual plans, and the addition of Theft and Loss for iPhone for the first time. Options for monthly and annual AppleCare+ plans in India provide more choice and flexibility, allowing users to keep coverage for as long as they require. Apple's vice president of Worldwide iPhone Product...
Read Full Article6 comments
Apple Wallet ID Illinois

iPhone Driver's License Feature Launching in Illinois

Tuesday November 18, 2025 8:47 am PST by
In select U.S. states, residents can add their driver's license or state ID to the Wallet app on the iPhone and Apple Watch, providing a convenient and contactless way to display proof of identity or age at select airports and businesses, and in select apps. Starting this Wednesday, November 19, the feature will be available to residents of Illinois. The announcement confirmed that the...
Read Full Article69 comments
iPhone 17 Pro Cosmic Orange

10 Reasons to Wait for Next Year's iPhone 18 Pro

Wednesday November 19, 2025 4:00 am PST by
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models at the same time, which is why we often get rumored features months ahead of launch. The iPhone 18 series is no different, and we already have a good idea of what to expect for the iPhone 18 Pro and iPhone 18 Pro Max. One thing worth...
Read Full Article87 comments
iPhone 17 Pro and Air N1 Feature

iPhone 17 vs. iPhone 16 Wi-Fi Speeds: New Study Reveals the Winner

Tuesday November 18, 2025 10:53 am PST by
A new study has revealed that the iPhone 17, iPhone 17 Pro, iPhone 17 Pro Max, and iPhone Air achieve significantly faster average Wi-Fi speeds compared to the iPhone 16 series, thanks to Apple's custom-designed N1 chip. The study was conducted by Ookla, the company behind the popular Speedtest website and app. It said the results are based on global, crowdsourced Speedtest user data...
Read Full Article46 comments
Magic Keyboard Touch ID Feature

Apple Releases New Firmware for 140W USB-C Power Adapter, Magic Keyboard and Magic Trackpad

Tuesday November 18, 2025 1:05 pm PST by
Apple today released updated firmware for several accessories, including the 140W USB-C Power Adapter, the Magic Trackpad 2, the Magic Trackpad USB-C, the Magic Keyboard with Touch ID, and the Magic Keyboard with Touch ID and Numeric Keypad. There is no word on what's included in the updated firmware at this time, but it could offer performance improvements and security updates. Accessory...
Read Full Article78 comments
Apple Sports App Preview Feature

Apple Sports App on iPhone Now Available in More European Countries

Monday November 17, 2025 6:27 am PST by
The free Apple Sports app on the iPhone was released in additional European countries today, including Belgium, Croatia, Czechia, the Netherlands, Luxembourg, Poland, Hungary, Denmark, Finland, Norway, Sweden, Switzerland, Slovakia, Slovenia, Serbia, Greece, Estonia, Latvia, Romania, Ukraine, and others. The app was already available in the U.S., the U.K., Canada, Austria, France, Germany,...
Read Full Article22 comments
macbook black friday

The Best Early Black Friday Mac Deals

Tuesday November 18, 2025 7:32 am PST by
We're getting closer to Black Friday, which lands next week on Friday, November 28. In the lead-up to the shopping holiday, we're tracking a few lowest-ever prices on Apple's most popular Macs, including the M4 MacBook Air and brand new M5 MacBook Pro. Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment,...
Read Full Article1 comments
best early black friday deals

Best Black Friday Apple Deals Live Now - Save on AirPods, iPads, and Apple Watches

Saturday November 15, 2025 1:45 pm PST by
We're officially in the month of Black Friday, which will take place on Friday, November 28 in 2025. As always, this will be the best time of the year to shop for great deals, including popular Apple products like AirPods, iPad, Apple Watch, and more. In this article, the majority of the discounts will be found on Amazon. Note: MacRumors is an affiliate partner with some of these vendors. When ...
Read Full Article3 comments
AirPods Pro Firmware Feature

Apple Releases New Firmware for AirPods Pro 2, AirPods Pro 3, and AirPods 4

Thursday November 13, 2025 11:35 am PST by
Apple today released new firmware designed for the AirPods Pro 3, the AirPods 4, and the prior-generation AirPods Pro 2. The AirPods Pro 3 firmware is 8B25, while the AirPods Pro 2 and AirPods 4 firmware is 8B21, all up from the prior 8A358 firmware released in October. There's no word on what's include in the updated firmware, but the AirPods Pro 2, AirPods 4 with ANC, and AirPods Pro 3...
Read Full Article73 comments

Top Rated Comments

Tubamajuba Avatar
Tubamajuba
125 months ago
Apple iOS, it just works... oh wait :eek:
Dude, give it up. We get it, you hate all things Apple.
Score: 12 Votes (Like | Disagree)
braddick Avatar
braddick
125 months ago
this issue reminds me of the joke, "The patient says, "Doctor, it hurts when I do this." "Then don't do that!"
Score: 8 Votes (Like | Disagree)
KALLT Avatar
KALLT
125 months ago
Apple products like the iPad (and virtually all mass-market wireless devices) are designed to automatically connect to wireless networks they have seen before. They do this with a relatively weak level of authentication: If you connect to a network named “Hotspot” once, going forward your device may automatically connect to any open network that also happens to be called “Hotspot.”

For example, to use Starbuck’s free Wi-Fi service, you’ll have to connect to a network called “attwifi”. But once you’ve done that, you won’t ever have to manually connect to a network called “attwifi” ever again. The next time you visit a Starbucks, just pull out your iPad and the device automagically connects.
That right there is your problem. As if automatic joining of known SSIDs was not a bad enough idea, iOS also offers no way to see, edit and remove these known SSIDs, unless you are in range. You can only reset your networking settings to clear everything, but who does that on a regular basis? I do not understand why Apple has not done anything about it. I’d wager that there are many iPhone users out there who have long lists of known SSIDs.
Score: 7 Votes (Like | Disagree)
maxsix Avatar
maxsix
125 months ago
Apple iOS, it just works... oh wait :eek:
Score: 7 Votes (Like | Disagree)
Traverse Avatar
Traverse
125 months ago
I'm still astounded at how people find these. Like old hacks in Gameboy color games: "take 3 steps left, head down until you're spotted, press start at the right time to freeze the game, go here, turn around three times = unlimited whatever"

Who figures these out! :eek:
[doublepost=1460563286][/doublepost]
Apple should just change it to where you cannot change the date on iOS, and all times are adjusted automatically through Wi-Fi or cellular through Apple's servers only.
But then my aunt couldn't cheat at Candy Crush! :p
Score: 6 Votes (Like | Disagree)
Soba Avatar
Soba
125 months ago
Should never happen if apple is using ntp - the spec and all common implementations forbid time travel (setting clock backwards). So this is purely and Apple bug, not ntp.
Very tiny nitpick: In some situations, the clock will indeed be set backwards with ntp, but it's an unusual circumstance and the change should be quite small.

However, ntp's defaults (last I knew) forbid any clock correction exceeding 1000 seconds, so this kind of massive, 40-year correction should not be possible under any circumstances. Either Apple wrote their own time sync client (why?) or changed this default in their implementation of ntp. (Again, why?)

Incorrect device clocks have major security implications for any network, so even without this bricking bug, Apple should be paying closer attention to this. Time sync should never be an afterthought.
Score: 6 Votes (Like | Disagree)
Read All Comments