An annoyance has been revealed that might drive an iPhone or iPad into a seemingly unending boot loop of death while using Apple’s Home app. According to the researcher who discovered it, Apple isn’t concerned enough about the problem to repair it right away.
“I believe this flaw is being treated in an unethical manner because it offers a severe risk to consumers and many months have gone without a full remedy,” security researcher Trevor Spiniolas wrote in a PDF shared online earlier this month. “Rather than being kept in the dark, the public should be aware of this vulnerability and how to prevent it from being exploited.”
We’re not sure how much of a security danger this issue, dubbed “DoorLock” by Spiniolas, actually poses, while it may appear that your iPhone is permanently bricked and unrecoverable. (There are ways to save your iPhone, which we’ll go over later.)
However, iPhone and iPad users should take precautions to protect themselves from pranksters and trolls who may take advantage of the issue for their own entertainment.
We’ve also reached out to Apple for comment on the matter, and we’ll update this storey whenever we hear back.
DoorLock: What’s in a name?
According to Spiniolas, the flaw is triggered when a device on a local HomeKit network, Apple’s implementation of smart-home networking, is granted a very long name – we’re talking hundreds of thousands of characters. Any iOS device connected to the network has the ability to modify a device’s name at will.
“When a HomeKit device’s name is changed to a long string (500,000 characters in testing), any device with an impacted iOS version installed that loads the string will be interrupted, even after rebooting,” Spiniolas stated in a blog post.
This causes the Home app on iOS devices connected to the HomeKit network to crash and remain crashing until the issue device is renamed (possibly because particularly long names may “overrun” a memory allocation).
Even worse, if an iOS device has the Home app active in the Control Center (the swipe-down menu accessible from the iPhone’s main screen), the device would freeze and become unresponsive, according to Spiniolas.
Rebooting the device will not assist because the Home app will be installed before the user can access the Settings screen and remove Home from the Control Center. Even performing a full restore (which destroys the user’s data on the phone) will only address the issue until the user enters into their iCloud account.
“Restoring a device and signing back into the iCloud account associated with the HomeKit device will retrigger the bug,” Spiniolas warned.
Recent versions of iOS all affected
The problem affects at least iOS 14.7 and 14.8, and most likely all iOS 14 versions, according to Spiniolas. (According to Tom’s Guide, all versions of iOS that enable HomeKit, dating back to iOS 8, may be vulnerable.)
Users were barred from providing HomeKit devices exceptionally long names beginning with iOS 15 or possibly the 15.1 update, Spiniolas noted — both of which were issued after he reported the bug to Apple. However, if iOS 15 devices join HomeKit networks with similar gadgets, they would still crash/freeze as indicated above.
According to Spiniolas, attackers can encourage iOS device users to join rogue HomeKit networks or change the names of devices on HomeKit networks that they are already a part of. He even fears that this would lead to ransomware-style attacks on iOS devices, in which attackers will hold devices “hostage” until a ransom is paid, which we believe is improbable.
“The good news is that the issue doesn’t let attackers spy on your phone (or your HomeKit devices), steal data such as passwords or personal messages, install malware, rack up fraudulent internet charges, or meddle with your network,” Sophos’ Paul Ducklin said in a blog post last week.
Spiniolas claims he informed Apple of the flaw on August 10, 2021, but the corporation keeps pushing out the deadline of a remedy until it is now “early 2022.” We’ve approached Apple for clarity once more.
How to get out of a boot loop caused by the DoorLock flaw
If your iOS device freezes due to this bug (which we doubt), Spiniolas says you’ll need to execute a system restore, which would completely destroy all user data on your iPhone or iPad.
However, do not enter into your iCloud account when prompted by your iOS device, advises Spiniolas. Instead, wait until the iPhone or iPad is completely set up locally before signing into iCloud from the Settings menu – and immediately disable the Home switch.
Spiniolas makes no mention of another conceivable solution: If you have HomeKit and the Home app installed on your Mac (available in macOS 10.14 Mojave and later), you may be able to rename the problematic devices without having to conduct a factory-restore process on your iOS devices. That is, providing there isn’t a comparable problem in the Mac version of the Home programme.
How to avoid getting snagged by the DoorLock flaw
Fortunately, it is fairly simple to ensure that you are not harmed by any potential attacks that use this weakness. According to Sophos’ Ducklin, the first step is to not allow anyone you don’t live with to join your HomeKit network — and to refuse to join anyone else’s HomeKit network even if they invite you. That is, after all, basic sense.
To avoid becoming stuck in a HomeKit boot loop, Ducklin recommends deleting Home from your iOS devices’ Control Centers ahead of time, which you can do in Settings > Control Center > Customize Controls.
Finally, and this is something that all iOS users should do on a regular basis, back up your devices to your preferred Mac or PC so that all of your user data can be accessible without having to contact Apple.