iPhone crashing bug likely caused by code added to appease Chinese gov’t

by
Dan Goodin
from Ars Technica - All content on (#3TMZK)
GettyImages-181281518-800x533.jpg

Enlarge / A customer inspects the 2013 iPhone at the Wangfujing flagship store in Beijing. (credit: Lintao Zhang/Getty Images)

The iOS 11.4.1 update Apple released Monday was most notable for making it harder for law enforcement to access locked iPhones. On Tuesday, security researcher Patrick Wardle illuminated another fix. He said his fix addressed code Apple added likely to appease the Chinese government; this is the code that caused crashes on certain iDevices when users typed the word Taiwan or received messages containing a Taiwanese flag emoji.

"Though its impact was limited to a denial of service (NULL-pointer dereference), it made for an interesting case study of analyzing iOS code," Wardle, a former hacker for the National Security Agency, wrote in a blog post. "And if Apple hadn't tried to appease the Chinese government in the first place, there would be no bug!"

Wardle, who is now a macOS and iOS security expert at Digital Security, said he was perplexed when a friend first reported her fully patched, non-jailbroken device crashed every time she typed Taiwan or received a message with a Taiwanese flag. He had no trouble reproducing the remotely triggerable bug, which crashed any iOS application that processed remote messages, including iMessage, Facebook Messenger, and WhatsApp. Wardle did, however, find that only devices with certain region-specific configurations were affected.

Read 3 remaining paragraphs | Comments

index?i=XSUmqFg3n98:eBHoQ2gAoqE:V_sGLiPB index?i=XSUmqFg3n98:eBHoQ2gAoqE:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments