Apple's China-Friendly Censorship Caused An iPhone-Crashing Bug (wired.com) 78
Security researcher Patrick Wardle helped Apple fix a bug that would crash apps displaying the word "Taiwan" or the Taiwanese flag emoji. Some iPhones could be remotely crashed by something as simple as receiving a text message with the Taiwanese flag. Apple confirmed the fix in a security update Monday. Wired reports: "Basically Apple added some code to iOS with the goal that phones in China wouldn't display a Taiwanese flag," Wardle says, "and there was a bug in that code." Since at least early 2017, iOS has included that Chinese censorship function: Switch your iPhone's location setting to China, and the Taiwanese flag emoji essentially disappears from your phone, evaporating from its library of emojis and appearing as a "missing" emoji in any text that appears on the screen. That code likely represents a favor from Apple to the Chinese government, which for the last 70 years has maintained that Taiwan is a part of China and has no legitimate independent government.
But Wardle found that in some edge cases, a bug in the Taiwan-censorship code meant that instead of treating the Taiwan emoji as missing from the phone's library, it instead considered it an invalid input. That caused phones to crash altogether, resulting in what hackers call a "denial of service" attack that would let anyone crash a vulnerable device on command. Wardle's still not sure how many devices are affected, or what caused that bug to be triggered only in some iOS devices and not others, but he believes it has something to do with the phone's location and language settings. Wardle has more details of the bug on his blog.
But Wardle found that in some edge cases, a bug in the Taiwan-censorship code meant that instead of treating the Taiwan emoji as missing from the phone's library, it instead considered it an invalid input. That caused phones to crash altogether, resulting in what hackers call a "denial of service" attack that would let anyone crash a vulnerable device on command. Wardle's still not sure how many devices are affected, or what caused that bug to be triggered only in some iOS devices and not others, but he believes it has something to do with the phone's location and language settings. Wardle has more details of the bug on his blog.
Re: (Score:1)
Word salad ahoy!
LOL (Score:5, Insightful)
Good one apple. Way to bend over for China. Anything to sell more overpriced toys.
Re: (Score:1)
I can kind of understand they had no choice there. It's a pretty big market to just give up for reasons of principle.
But how can "invalid input" just lead to a crash of the system?! Shouldn't input validation be a solved problem by now?
why not just show the chinese flag emoji? (Score:2)
Why support them? (Score:1)
Yay Apple, the 'Anti big brother'.
Step 1 (Score:3, Insightful)
Step 1: Make Taiwan's flag disappear in China
Step 2: Make iPhone act as if it's in China when it's in Taiwan -- pretend Taiwan has disappeared
It's a small step.
Then report back to China on everything happening on phone, everywhere -- what electronic boundaries are there for authoritarianism?
Disgusting (Score:4, Insightful)
Re: Would using Rust have helped prevent this bug? (Score:1)
You can write bad code in any language.
You C fanatics are really showing your ignorance when you make wrong claims like that. There are certain types of bugs that happen almost naturally within C code but that are pretty much impossible to have happen in languages like Java, Ruby, and especially Rust. Only somebody who is totally ignorant about the last 25 years of programming language development would write something as wrong as what you just wrote.
Re: (Score:2)
And how does rendering a character crash the phone? Are they rendering fonts in the kernel?
Fake Apple Virtue (Score:2, Insightful)
Gotta love how Apple pretends to be full of virtue.
Meanwhile they collaborate with one of the world's most oppressive governments.
You don't know half of what goes on in China because it is all censored.
Re: Fake Apple Virtue (Score:1)
Oh right, I forgot that if you do something bad for money then its all good after all.
IBM sold 'adding machines' to the Nazis, I wonder what they were counting with such zeal? Who cares, good for business.
1984 Anyone? (Score:1)
Basically Apple added some code to iOS with the goal that phones in China wouldn't display a Taiwanese flag
If this is true, then NOBODY should be using this product.
Re: (Score:2)
Real life Ministry of Truth. [wikipedia.org]
Think Different (Score:2, Insightful)
From Think Different to shareholders whores.
AI (Score:1)
Sure. A multi billion dollar company can't keep their phones from crashing due to playing an emoji , but AI is right around the corner right?
What a fucking joke. Tre iPhone USB riddled with bugs even though it is apples flagship product.
But yeah, AI is gonna happen real soon now
Re: (Score:2)
Card can drive themselves (mostly successfully).
When they can spell check properly we will know they are on the right track.
Re: AI (Score:1)
That's like saying back in the late 90s that Linux couldn't possibly exist and be stable because Microsoft is a huge multi-billion-dollar company and their OSes like Windows 95, Windows 98 and Windows ME often crashed unexpectedly.
Just because Apple might be having some problems with its software doesn't mean that unrelated software from unrelated vendors is having problems too! Lots of companies working on cutting edge technologies are using a modern programming language like Rust, for example. Rust has be
there $1.39/hr pay is bigger then free speech (Score:2)
there $1.39/hr pay is bigger then free speech
Cupertino city flag (Score:2)
Even the city of Cupertino has their own flag [wikimedia.org]. This does not mean Cupertino is not part of California, nor does California's flag mean it is not part of the US. (I'm sure California's contributions to GDP and federal taxes are appreciate, even if their politics are not welcomed)
Taiwan can have a flag, and China can claim that Taiwan is part of them. The two positions are no worse than the usual double-think that goes on in the Communist Party of China (CPC). It's kind of sad that freedom-loving American com
Re:Cupertino city flag (Score:5, Informative)
The Taiwanese Flag is also the Chinese National Flag... pre-Communist revolution. The Taiwanese government claims continuity with the pre-Communist government. Hence, to mainland China, it is very much like Delaware wanted to keep flying the Union Jack in 1830.
Vulnerability description (Score:2, Informative)
Pseudo code for those of you not familiar with Objective C. ...
locale currentLocale = CFLocaleCopyCurrent();
string countryCode = CFLocaleGetValue(currentLocale, kCFLocaleCountryCode);
if countryCode == "CN" then
If in your phone's configuration no current region is set (region-less configuration) then CFLocaleGetValue will return a null pointer. And thus when the code tries to compare the 'C' with the first character in countryCode, it crashes with a null pointer dereference.
China vs China (Score:4, Informative)
the [People Republic of China] government, which for the last 70 years has maintained that Taiwan is a part of China and has no legitimate independent government.
And Taiwan's government has the exact same opposite position, maintaining that they are the only legitimate government of China. Both government consider there is only one China, and that its territory contains mainland and Taiwan island.
Re:China vs China (Score:5, Informative)
However, Taiwan is a democracy with protection for basic human rights. You can freely fly the Chinese flag and openly advocate Taiwan is a part of China. Try doing the reverse in China will most likely result in imprisonment. That is the biggest difference between Taiwan and China.
Oh', that China vs China argument is a Chinese construct. The Chinese position is, if Taiwan renounces its Chinese territorial claim then that's justification for invasion; if Taiwan continues its Chinese territorial claim, that too is justification for invasion.
Re: (Score:1)
However, Taiwan is a democracy with protection for basic human rights. You can freely fly the Chinese flag and openly advocate Taiwan is a part of China. Try doing the reverse in China will most likely result in imprisonment. That is the biggest difference between Taiwan and China.
Oh', that China vs China argument is a Chinese construct. The Chinese position is, if Taiwan renounces its Chinese territorial claim then that's justification for invasion; if Taiwan continues its Chinese territorial claim, that too is justification for invasion.
Yep.
Hipsters and their love of communism. They'll call their own president a "nazi" - openly, in public, with no repercussions whatsoever, just backslaps from all around - but a real repressive dictatorship (red China), they just can't get enough of loving that.
Re: (Score:2)
However, Taiwan is a democracy with protection for basic human rights.
Sure, but why do you have this urgent need to tell the good and the evil when talking about foreign countries? Have you wondered why you do not feel the same need when talking about public figures, corporations, religions, etc?
I agree many countries are ruled by evil governments, but it seems we now have a list of countries we must call evil before we are allowed to start a sentence about them. That sounds a lot like war propaganda.
Human rights vs. profit (Score:2)
Apple works to protect the environment and gay rights, and tries not to use raw materials supplied by child labor. That's good.
I hope some day Apple will also care some day about human rights, like free speech.
At an Apple shareholder's meeting [theguardian.com]:
"When we work on making our devices accessible by the blind, I don’t consider the bloody ROI," Cook said, adding that the same sentiment applied to environmental and health and safety issues.
Ok, when will Apple apply the "I don’t consider the bloody ROI" philosophy, when it comes to selling Apple devices in China?
NSA, GCHQ, China... (Score:2)
Thats some great customer support to support nations with their user problems.
I am in Xiamen now... (Score:3)
Re: (Score:2)
Yeah and Tianamen Square results in nothing but pictures of beautiful flowers.
[Pushes glasses up to brow] (Score:2)
Re: (Score:2)
Shame on you Apple (Score:1)