New Version of 'January 1, 1970 Bug' Can Brick Pre-iOS 9.3.1 Devices Over Compromised Wi-Fi Networks

by

Security researchers Patrick Kelley and Matt Harrigan have uncovered a new way to exploit the infamous January 1, 1970 bug that was found to be the cause of bricked iPhones in February. Despite Apple's patch of the original issue in iOS 9.3, Kelley and Harrigan discovered the way in which an iPhone constantly looks for trusted Wi-Fi networks could lend itself to the malicious bricking of a Wi-Fi enabled Apple device, without the user even knowing it was happening.

iPhone-6s-main
In a hypothetical example described by Krebs on Security, if a user confirms that a network called "attwifi" is a trusted connection, any subsequent network they come into contact with boasting the same name will connect with their iPhone. That way, when users revisit the same location frequently, they never have to fiddle with going through the Wi-Fi set-up process again. But the feature could be used to silently weaponize the 1970 bug, connecting users to similarly-named networks they've never encountered and altering the date and time stamps of their iOS devices.

In their research, Kelley and Harrigan used this feature of iPhones and iPads to build a nefarious Wi-Fi network, harnessing the requirement of iOS devices to occasionally connect to a network time protocol (NTP) server to keep date and time in sync. Once a user connected to their thought-to-be trusted network, the iPhone would reconfigure its software to update the date and time information from Kelley and Harrigan's own NTP date, which they specified as January 1, 1970.

Harrigan, president and CEO of San Diego-based security firm PacketSled, described the meltdown thusly:

“One thing we noticed was when we set the date on the iPad to 1970, the iPad display clock started counting backwards. While we were plugging in the second test iPad 15 minutes later, the first iPad said it was Dec. 15, 1968. I looked at Patrick and was like, ‘Did you mess with that thing?’ He hadn’t. It finally stopped at 1965, and by that time [the iPad] was about the temperature I like my steak served at.”

Harrigan and Kelley coordinated with Apple when they discovered their findings to avoid preempting the company's promise of a fix for the bug, and possibly encouraging its malicious use in the wild. As such, the company has fixed the issue and anyone running iOS 9.3.1 will be protected from the new iteration of the 1970 bug. Older iOS releases, including the original iOS 9.3 update, are still susceptible, however.

With the release of their research, the two security experts are understandably encouraging users to update their iPhones and iPads as soon as possible, and have created a video to better explain the issue.

Related Forum: iOS 9

Popular Stories

Apple Watch Ultra 2 Complications

Apple Watch Ultra 3 Just Weeks Away: Eight Reasons to Upgrade

Wednesday August 20, 2025 6:44 am PDT by
We're only weeks away from Apple's annual iPhone event – rumored to take place on September 9 – and along with the new iPhone 17 series, we're going to get a new version of the Apple Watch Ultra for the first time since 2023. By the time the Ultra 3 is unveiled, it will have been two years since the previous model arrived. The intervening period has left plenty of room for enhancements,...
Read Full Article70 comments
apple wallet drivers license feature iPhone 15 pro

iPhone Driver's Licenses in Apple Wallet Now Available in 10 U.S. States

Wednesday August 20, 2025 12:00 pm PDT by
In select U.S. states, residents can add their driver's license or state ID to the Wallet app on the iPhone and Apple Watch, providing a convenient and contactless way to display proof of identity or age at select airports and businesses, and in select apps. This week, Apple announced the 10th U.S. state that has implemented the feature: Montana. Below, we have recapped key details about...
Read Full Article67 comments
airpods pro 2 green

Apple Releases New Beta Firmware for AirPods Pro 2 and AirPods 4

Tuesday August 19, 2025 11:25 am PDT by
Apple today provided developers with updated beta firmware for the AirPods Pro 2 and AirPods 4, allowing them to test the new AirPods features in iOS 26, iPadOS 26, and macOS Tahoe. The firmware is only available to developers at the current time, and a device running iOS 26, iPadOS 26, or macOS 26 is required to install the update. The firmware has a build number of 8A5343a, up from 8A5324b. ...
Read Full Article27 comments
TechWoven

Apple Rumored to Launch 'TechWoven' Cases for iPhone 17 With 'Crossbody Strap' Option

Wednesday August 20, 2025 8:21 am PDT by
Apple is planning to launch a new "TechWoven" line of cases for the iPhone 17 series, according to a leaker known as "Majin Bu." Two years ago, Apple stopped selling leather iPhone cases, as part of the company's efforts to reduce its carbon emissions. As an alternative, Apple introduced a new "FineWoven" line of fabric iPhone cases made from 68% post-consumer recycled content, but they were ...
Read Full Article147 comments
iPhone 17 Pro Dark Blue and Orange

When Is iPhone 17 Coming Out?

Wednesday August 20, 2025 5:00 am PDT by
Apple's iPhone 17 series is expected to debut in September 2025. This release follows Apple's recent trend of introducing new iPhone models annually in the fall. To unveil the iPhone 17, iPhone 17 Air, iPhone 17 Pro, and iPhone 17 Pro Max, Apple is expected to hold its annual iPhone announcement event during the week of September 8, 2025, with September 9 or 10 emerging as the most likely...
Read Full Article
iPhone 17 Pro on Desk Centered 1

iPhone 17 Pro Launching Next Month With These 12 New Features

Wednesday August 20, 2025 1:23 pm PDT by
Apple's iPhone 17 Pro and iPhone 17 Pro Max should be unveiled in a few more weeks, and there are plenty of rumors about the devices. Below, we recap key changes rumored for the iPhone 17 Pro models: Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro models have a titanium frame, and the iPhone X through iPhone 14 Pro...
Read Full Article
Generic iOS 18

iOS 18.6.2 Update Coming Soon for iPhones

Tuesday August 19, 2025 9:29 am PDT by
Apple's software engineers are testing iOS 18.6.2, according to the MacRumors visitor logs, which have been a reliable indicator of upcoming iOS versions. Yesterday, an anonymous source with a proven track record said iOS 18.6.2 was incoming, but the update was not present in our logs at that time. Last year, the same anonymous source claimed that iOS 17.5.2 was in the pipeline, but Apple ...
Read Full Article24 comments
bug security vulnerability issue fix larry

Update Now: iOS 18.6.2 and macOS Sequoia 15.6.1 Fix Actively Exploited Vulnerability

Wednesday August 20, 2025 10:58 am PDT by
Apple today released new iOS 18.6.2, iPadOS 18.6.2, and macOS Sequoia 15.6.1 updates, and the software addresses a security vulnerability that is known to have been actively exploited. According to Apple's security support documents, memory corruption could result from devices that were sent a malicious image file. Apple says that it is aware of a report that the issue "may have been...
Read Full Article73 comments

Top Rated Comments

Tubamajuba Avatar
Tubamajuba
122 months ago
Apple iOS, it just works... oh wait :eek:
Dude, give it up. We get it, you hate all things Apple.
Score: 12 Votes (Like | Disagree)
braddick Avatar
braddick
122 months ago
this issue reminds me of the joke, "The patient says, "Doctor, it hurts when I do this." "Then don't do that!"
Score: 8 Votes (Like | Disagree)
KALLT Avatar
KALLT
122 months ago
Apple products like the iPad (and virtually all mass-market wireless devices) are designed to automatically connect to wireless networks they have seen before. They do this with a relatively weak level of authentication: If you connect to a network named “Hotspot” once, going forward your device may automatically connect to any open network that also happens to be called “Hotspot.”

For example, to use Starbuck’s free Wi-Fi service, you’ll have to connect to a network called “attwifi”. But once you’ve done that, you won’t ever have to manually connect to a network called “attwifi” ever again. The next time you visit a Starbucks, just pull out your iPad and the device automagically connects.
That right there is your problem. As if automatic joining of known SSIDs was not a bad enough idea, iOS also offers no way to see, edit and remove these known SSIDs, unless you are in range. You can only reset your networking settings to clear everything, but who does that on a regular basis? I do not understand why Apple has not done anything about it. I’d wager that there are many iPhone users out there who have long lists of known SSIDs.
Score: 7 Votes (Like | Disagree)
maxsix Avatar
maxsix
122 months ago
Apple iOS, it just works... oh wait :eek:
Score: 7 Votes (Like | Disagree)
Traverse Avatar
Traverse
122 months ago
I'm still astounded at how people find these. Like old hacks in Gameboy color games: "take 3 steps left, head down until you're spotted, press start at the right time to freeze the game, go here, turn around three times = unlimited whatever"

Who figures these out! :eek:
[doublepost=1460563286][/doublepost]
Apple should just change it to where you cannot change the date on iOS, and all times are adjusted automatically through Wi-Fi or cellular through Apple's servers only.
But then my aunt couldn't cheat at Candy Crush! :p
Score: 6 Votes (Like | Disagree)
Soba Avatar
Soba
122 months ago
Should never happen if apple is using ntp - the spec and all common implementations forbid time travel (setting clock backwards). So this is purely and Apple bug, not ntp.
Very tiny nitpick: In some situations, the clock will indeed be set backwards with ntp, but it's an unusual circumstance and the change should be quite small.

However, ntp's defaults (last I knew) forbid any clock correction exceeding 1000 seconds, so this kind of massive, 40-year correction should not be possible under any circumstances. Either Apple wrote their own time sync client (why?) or changed this default in their implementation of ntp. (Again, why?)

Incorrect device clocks have major security implications for any network, so even without this bricking bug, Apple should be paying closer attention to this. Time sync should never be an afterthought.
Score: 6 Votes (Like | Disagree)
Read All Comments