Apple is having a bad month. To date, the company’s “user-hostile” iPhone battery practices were exposed, Face ID hacked, iOS code exploited (twice) and the iPhone 11’s final secrets revealed. And now things just got a lot worse.
Today researchers have publicized the ‘KNOB Attack’ which impacts billions of iOS and Android devices around the world. But while Google has already patched the problem and started the rollout to devices, iPhone and iPad users are not so lucky because a bizarre mistake by Apple has left them with nowhere to go.
KNOB stands for ‘Key Negotiation of Bluetooth’ (terrible acronym, I know) and what it amounts to is a clever, “brute force” attack on “any standard-compliant Bluetooth device”. It works remotely by exploiting a flaw in the Bluetooth encryption key protocol to force through small packets of data which give the hacker access to your device. And because it’s a flaw inherent to Bluetooth, everyone is vulnerable.
“We conducted KNOB attacks on more than 17 unique Bluetooth chips (by attacking 24 different devices),” explained the researchers. “At the time of writing, we were able to test chips from Broadcom, Qualcomm, Apple, Intel, and Chicony manufacturers. All devices that we tested were vulnerable to the KNOB attack.”
But here’s why it’s so much worse for iPhone and iPad users: in its security notes Apple confirmed the “iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later” (aka every iOS 11 and iOS 12 compatible device dating back to 2013) are vulnerable to it and a patch was issued in iOS 12.4 (bug code CVE-2019-9506). But, in case you have been living under a rock, iOS 12.4 contains a staggering exploit which allows hackers to remotely jailbreak your iPhones and install malicious code.
Consequently, every supported iPhone or iPad is vulnerable to the KNOB Attack if it is not running iOS 12.4, and every device which has upgraded to it is vulnerable to a remote attack which is just as bad.
Are you running a very old iPhone or iPad and feeling smug? Don’t. Not only does every iOS device ever made run standard-compliant Bluetooth, making them all vulnerable to KNOB, but old devices are no longer supported, meaning they are unlikely to be patched. So when, in January, Tim Cook stated there are 1.4BN active iOS devices around the world, that’s how many are vulnerable to this Catch-22 situation right now.
For Apple, releasing iOS 12.4.1 must now be their top priority to give users an escape route, as well as emergency upgrades for iOS 9 and 10 (it has happened before). That said, so far Apple has remained silent about the iOS 12.4 exploit and iOS 12.4.1 has not been seen in beta testing so there is currently no timeframe for a fix. Meanwhile, iOS 13 will arrive next month and it drops support for multiple generations of devices, which means it’s time for the company to step up.