Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
Security Bug Communications Desktops (Apple) Iphone Operating Systems Programming Software Apple

'Text Bomb' Is Latest Apple Bug (bbc.com) 46

Posted by BeauHD from the headache-inducing dept.
An anonymous reader quotes a report from the BBC: A new "text bomb" affecting Apple's iPhone and Mac computers has been discovered. Abraham Masri, a software developer, tweeted about the flaw which typically causes an iPhone to crash and in some cases restart. Simply sending a message containing a link which pointed to Mr Masri's code on programming site GitHub would be enough to activate the bug -- even if the recipient did not click the link itself. Mr Masri said he "always reports bugs" before releasing them. Apple has not yet commented on the issue. On a Mac, the bug reportedly makes the Safari browser crash, and causes other slowdowns. Security expert Graham Cluley wrote on his blog that the bug does not present anything to be particularly worried about -- it's merely very annoying. After the link did the rounds on social media, Mr Masri removed the code from GitHub, therefore disabling the "attack" unless someone was to replicate the code elsewhere.

'Text Bomb' Is Latest Apple Bug More | Reply

'Text Bomb' Is Latest Apple Bug

Comments Filter:

  • causes an iPhone to crash and in some cases restart. Simply sending a message containing a link which pointed to Mr Masri's code on programming site GitHub would be enough to activate the bug -- even if the recipient did not click the link itself. Mr Masri said he "always reports bugs" before releasing them.

    I usually love seeing such bugs in action. Anyone can point us to the video?

  • Text? (Score:1)

    by Anonymous Coward

    Link?

  • Is it really a bug though?? (Score:1)

    by Anonymous Coward

    I don't know about all of you, but I'm getting really excited just waiting to see how SuperKendall will enlighten us all as to how this is a feature that benefits each and every disciple of the Apple world. This is gonna be good.

    +1 troll

  • As part of that crash and other slowdowns result is the user's password getting revealed in plain text again?

  • Ban unicode (Score:3)

    by RightwingNutjob ( 1302813 ) on Thursday January 18, 2018 @05:35PM (#55956277)
    If it can't be expressed in ASCII, it's not worth writing.

    • Is all of ASCII really needed? My ASR-33 teletype does a fine job with just the seven bit character set. It doesn't even have lower case.

    • If it can't be expressed in ASCII, it's not worth writing.

      No other languages exist in the world.

  • Had this on an old Nokia phone (Score:4, Informative)

    by whoever57 ( 658626 ) on Thursday January 18, 2018 @06:06PM (#55956459) Journal

    Some text messages would reliably cause the phone to reboot on delivery of the message.

    This would cause an almost endless reboot cycle, until the server gave up attempting to deliver the text message (around 10-20 reboots).

  • This is exactly why Unicode support is unsafe and dangerous! Thankfully Slashdot will always be a safe haven from such shenanigans.

  • Try the Wayback machine. I found it pretty easily. Really interesting trick. He made a simple HTML file with a link in it, and the HREF of that link has all kinds of crazy garbage in it (unicode characters) which cause the webkit engine to spaz out. Even copying the source out of chrome and pasting into Notepad++ made the text editor freak out a little bit.

Slashdot Top Deals

If you're not part of the solution, you're part of the precipitate.

Close