Among the many novelties that came with iOS 9.3 there was one that solved a bug in which if we set a specific date of 1970 the iPhone might not be able to start again. But it seems that the curse of 1970 has not yet been removed, since security researchers have found a variant that could be used to bricking the device later, as soon as the iPhone connects to a Wi-Fi network. The new exploit uses a combination of two weaknesses discovered in iOS, as reported KrebsonSecurity.
The first of these weaknesses is that iOS devices are automatically connect to known networks, but they depend on the SSID to identify them. An iPhone, iPod Touch or iPad will automatically connect to a malicious network that uses the same name as one of the networks it has connected to in the past. The second weakness is that iOS devices are programmed to constantly check that their date and time settings are correct by connecting to NTP servers.
1970 returns to threaten devices with iOS 9.3 and earlier
All the security researchers had to do was create their own Wi-Fi hotspot named "attwifi", as used at Starbucks, and their own NTP (Network Time Protocol) server pretending to be time.apple.com to deliver the date January 01, 1970.
The result? IPads that came into the range of the (bad) test network rebooted and began to self-destruct little by little. It is not clear why they do this, but here is a possible explanation: Most applications on an iPad are configured to use security certificates that encrypt data transmitted to and from the user's device. Those encrypted certificates stop working properly if a user's mobile system date and time are set to a year preceding the certificate's issuance.
The bug is related to the previous bug from 1970, but it is not the same, so it was not fixed with the release of iOS 9.3. Its discoverers, security researchers Patrick Kelley and Matt Marrigan, reported the bug to Apple and those in Cupertino. fixed it in iOS 9.3.1. The investigators did what has to be done in these cases: inform and agree not to make public the exploit until the responsible company had fixed it. We may think that it would be best to never publish it, but by doing so they gain prestige as security researchers. Of course, they endanger all those users who are still on iOS 9.3 and earlier versions.
