The 'DoorLock' Bug Is A HomeKit Bug That Can Render Apple Devices Useless


No product is perfect. Even when it is created by some of the most knowledgeable developers from some of the most respected companies, bugs will be found.

And this time, a bug was found in Apple's HomeKit that can send Apple devices that attempt to connect to it into a death loop. The issue stems from a "very long string" name that, according to Trevor Spiniolas, the security researcher who discovered it, could make iOS and iPadOS devices unusable.

According to a disclosure published on January 1, if a HomeKit device name is changed to a string of 500,000 characters, any iOS or iPadOS device that attempts to connect to it, even when just attempting to load the string name, will be caught in a loop.

While an update in iOS 15.0 or 15.1 imposed a limit on the length of the name that an app or user can set, the name can still be changed from previous iOS versions.

Spiniolas, who called the bug "doorLock" in a post on his website, said that it affects all iOS versions from iOS 14.7 onwards in his testing, with a chance that it also exists on all iOS 14 versions.

The thing is, the bug can appear repeatedly and consistently.

This happens because iOS and iPadOS devices store whatever HomeKit devices they attempted to connect to in iCloud and sync that data to all devices under the same account.

Because of this, the bug can be triggered on an iOS device running any version, as long as it shares the same HomeKit data.
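A minimal sketch of why a name-length limit enforced only where names are set does not protect devices that receive the name through sync. This is an added example, not code from Apple or from the researcher; the store model, the function names and the 64-character cap are assumptions made for illustration.

```python
# Added illustration: hypothetical sync model, not Apple's HomeKit code.
MAX_NAME_CHARS = 64  # assumed cap; the article does not state Apple's limit


def set_name_new_client(store, accessory_id, name):
    """Write path of an updated client: rejects over-long names."""
    if len(name) > MAX_NAME_CHARS:
        raise ValueError("name too long")
    store[accessory_id] = name


def set_name_old_client(store, accessory_id, name):
    """Write path of a client that predates the limit: no check at all."""
    store[accessory_id] = name


def load_names_unsafe(store):
    """Read path that trusts synced data because 'the writer validates'."""
    return dict(store)


def load_names_safe(store):
    """Read path that re-validates every synced record before the UI sees it.

    Over-long or non-string names are replaced with a placeholder and
    reported, so one bad record cannot reach the rendering code on any
    device that syncs it.
    """
    names, rejected = {}, []
    for accessory_id, name in store.items():
        if not isinstance(name, str) or len(name) > MAX_NAME_CHARS:
            names[accessory_id] = "Unnamed accessory"
            rejected.append(accessory_id)
        else:
            names[accessory_id] = name
    return names, rejected


def demo():
    shared_store = {}  # stands in for the account-wide synced data
    set_name_new_client(shared_store, "lamp", "Desk lamp")
    # Constructed sample: the 500,000-character name described in the article.
    set_name_old_client(shared_store, "lock", "A" * 500_000)
    unsafe = load_names_unsafe(shared_store)
    safe, rejected = load_names_safe(shared_store)
    return len(unsafe["lock"]), safe, rejected


if __name__ == "__main__":
    print(demo())
```

The unsafe read path hands the full 500,000-character name to whatever consumes it, while the safe read path bounds it regardless of which client version wrote the record.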

When an iOS device is exposed to a HomeKit device with a name that is too long for it to handle, one of two situations can occur.

For a device that doesn't have Home devices enabled in Control Center, launching the Home app will crash the phone and render it useless. The device will not reboot, and updates won't fix the problem.

Because the crashes disrupt USB access, users are basically forced to restore their device and lose all of their local data. But even this won't solve the issue, as the problem will persist if the device is signed into the same iCloud account.

And for a device that has Home devices enabled in Control Center, the device will immediately become unusable and crash.

Neither reboots nor updates will fix the problem, and on a restored device the Home app will be unusable if the device is signed into the same iCloud account.

As with other tech companies, Apple is keen on keeping its apps and its overall ecosystem safe for all of its users. But this bug is so persistent that it is annoying.

Spiniolas also believes that the issue could be used for malicious purposes.

If a malicious actor introduces the bug into HomeKit, it is feasible for that person to send other users invitations to a Home, even if the target doesn't own a HomeKit device.

According to the researcher, the worst can be avoided by simply disabling Home devices in Control Center.

Users of iOS and iPadOS devices should also be wary of invitations to join the Home networks of other users, especially those from unknown contacts.

Spiniolas said that he reported the bug to Apple on August 10th, with Apple said to have planned to issue a security update fixing the bug by the end of 2021.

However, Apple then allegedly changed its estimate on December 8th to say that the fix would be rolled out in "Early 2022."

The delayed fix prompted Spiniolas to warn Apple that a public disclosure of the bug would be made on January 1, 2022.

"I believe this bug is being handled inappropriately as it poses a serious risk to users and many months have passed without a comprehensive fix," he said. "The public should be aware of this vulnerability and how to prevent it from being exploited, rather than being kept in the dark."

Published: 04/01/2022