Well, “permanently” as in, until you do a hard reset of your device. You won’t be able to clear this by wiping your WiFi or internet settings, or removing saved WiFi hotspots. You’ll have to actually reset your entire device. That means wiping your device completely, then potentially restoring from a backup. You may have to modify that backup just to get working again. This is a simple exploit that literally anyone could do as a prank, but it could destroy WiFi on your iPhone.
It all starts with a network name.
Networks have Service Set Identifiers (SSIDs). Your SSID is the name of your WiFi network. A few weeks ago, a symbol involving this string of characters, “%p%s%s%s%s%n,” could permanently disable your WiFi. Now it seems hackers and trolls can use a simple one that doesn’t look as dangerous. Researcher Carl Schou found the flaw using WiFi with the name “%secretclub%power.” Joining that network disabled WiFi on his device, and it’ll work on yours too. Anyone who knows how to set up a WiFi network could permanently disable WiFi on your iPhone.
The Flaw
Seriously, I still don’t have WiFi pic.twitter.com/AaF9IQBvCp
— vmcall (@vm_call) July 4, 2021
You might have noticed that the above two WiFi SSIDs have something in common, “%s” and “%p.” Carl Schou used “Secret Club” as it’s the name of his not-for-profit group dedicated to breaking software, finding vulnerabilities, and sharing them, so they can be fixed and avoided. The “Power,” besides having the letter ‘P’ at the beginning, could be a reference to the iMessage bug that would crash iPhones upon receiving a specially formatted text message that had the word “power” in it.
So what’s going on here? In programming languages, we use different characters to represent something. You may not be able to type a new line character on your keyboard, but you can use \n. Well, many languages also use the % character for a similar purpose. In C-based languages, like Objective-C, the backbone language of iOS, ‘%’ characters tell the computer to do something with a string. It tells your iPhone, in this case, to do something with those characters. However, it shouldn’t be doing anything with them. Normally we sanitize user input, removing problematic characters. It seems as though this isn’t the case in this particular part of iOS. It’s a simple bug, but it can be devastating. Shutting down WiFi permanently may just be one of its capabilities.
How to Fix It
Thanks to @pieceofsummer and @wr3nchsr I now have WiFi again. To restore WiFi functionality, you have to manually edit an iPhone backup and remove malicious entries from the known networks .plist
— vmcall (@vm_call) July 4, 2021
The bad news is, this is a difficult fix. You’ll need to wipe your device, then restore from a backup on your computer. If you have a backup from before you joined the bad network, that’ll work. If you can’t use an old backup, because you don’t want to lose your data or simply don’t have a clean backup, you’ll have to backup to a computer. Then you’ll have to open up and modify the backup file. You’ll have to unpack it, find the .plist for known networks, and delete the bad network. It’s not an easy task, and not something the average consumer would be able to do.
Stay Safe
I shouldn’t have to tell you this very basic security tip, but don’t join weird networks. Only join WiFi networks when you trust the person giving it to you. Don’t join public, unprotected WiFi hotspots, as those make for excellent hacking locations. A hacker can just sit on one of those networks and gather all kinds of information off of your computer. If you do have to use such a network, or if you just want some extra protection, look into an encrypted VPN like ProtonVPN, ExpressVPN, Surfshark, or NordVPN. There are many others too, but those are good. And, yes, there are free VPNs. You shouldn’t use those. VPNs could also potentially collect your information, and that could be how free VPNs make money. You want a VPN service with encrypted transmission and no logs.
To stay safe, just don’t join weird networks, especially ones with a ‘%’ character in the name somewhere. It’s that easy.