Hacking Researcher Details iPhone Wi-Fi Hotspot Vulnerability


Internet security researcher Samy Kamkar has uncovered a potential security flaw that could allow hackers to steal data from iPhone owners by tricking them into joining an untrusted network. The attack takes advantage of the way iPhones rejoin AT&T hotspots without verifying that the network is legit, according to CNET.

“The iPhone joins the network by name with no other form of authentication,” Mr. Kamkar said.

Mr. Kamkar followed up his discovery by writing an application that displays custom messages in the iPhone’s Maps application. He plans to release the code on the Internet, too.

The discovery means anyone with a laptop can set up their own fake AT&T hotspots and potentially capture network activity from unsuspecting iPhone owners.

iPhone owners can avoid potentially auto-joining a fake AT&T hotspot network by using the built-in “Forget This Network” option every time they leave a legit AT&T hotspot. That won’t, however, prevent someone from joining a network posing as an AT&T network — and it’s a kludgy workaround, too.

Apple hasn’t commented on the potential security flaw, or said if they plan to change how the iPhone verifies Wi-Fi hotspot connections.


Comments

James R Grinter

I don’t see how this is new, nor how it is specific to iPhones. It is simply because the name is the only way to identify public, non-mutually-authenticated, hotspot networks.

All of us using iPhones on O2 in the UK regularly encounter this problem with “BT Openzone” hotspots, which regularly aren’t the normal ones we can use for free.

(Colleagues of mine were discussing the issue of public hotspot spoofing with providers back in 2002, and I doubt they were the first to discover it. But, hey, they didn’t think to call themselves “internet security researchers” and publicise it far and wide for “fame and glory”.)

The Skeptic

James is exactly right. How is this new? Any public wi-fi for any wi-fi device can be spoofed in this way. It has nothing to do with the iPhone or AT&T…

If this is the best Samy can come up with, he needs a new job.
