- Super Smash Bros. Ultimate player’s trans flag removed for being ‘political’ Monday 7:37 PM
- Does Donald Trump Jr. know what American soldiers do? Monday 7:17 PM
- Sophie Turner has a hot take on Arya’s ‘Game of Thrones’ sex scene Monday 6:50 PM
- Parked Tesla Model S bursts into flames in shocking video Monday 3:12 PM
- Fortnite is getting an Avengers Endgame event Monday 2:44 PM
- The living are facing the end of the world in the latest ‘Game of Thrones’ Monday 2:37 PM
- The best Korean beauty toners for your skincare routine Monday 2:33 PM
- Warren’s plan to cancel student debt stimulates the bad-take economy Monday 2:27 PM
- Video shows Easter Bunny punching man on sidewalk Monday 2:09 PM
- The 7 best lubes for when you wanna do butt stuff Monday 2:00 PM
- 11 best sex toys under $35 to blow your mind Monday 1:30 PM
- Twitch streamer inadvertently documents all the times she was sexually, verbally harassed on vacation Monday 1:12 PM
- Raptors coach Nick Nurse becomes a relatable meme Monday 1:12 PM
- Man wears bandage that blends in with his skin tone, and Twitter has all the feelings Monday 12:55 PM
- The 8 best Korean sunscreens to add to your bag Monday 12:15 PM
A new “chaiOS” bug was discovered in Apple operating systems this week, and it causes the iMessage app to crash. Using a simple web address, pranksters can overload the app with a long string of text, forcing it to freeze and reboot. The nasty bug works even when the recipient doesn’t open the full link.
It can cause the application to crash just from the pressure put on by the link preview, Tom’s Guide reports. If the app doesn’t crash before then, it takes users to a GitHub page that initiates the bug. Users have reported freezing, crashes, restarts, and resprings (when iOS restarts its UI, a process that takes about 10 seconds).
It’s been a rough couple of months for iPhone owners. First, Apple admitted it was slowing down phones to prevent them from shutting off. Then Intel’s Spectre and Meltdown fiasco cast doubt on the security of practically every modern computing device in existence. A fix was discovered, but all it did was convert privacy concerns into anger about performance slowdowns. Not to mention the ridiculous bug that caused auto-correct to replace the letter “i” with “A [?].”
This new type of attack is called a “text bomb” and in this case, it can affect iPhones, iPads, and Macs. It seems to have been created by Abraham Masri, an iPhone jailbreaker who shared the link on social media and warned of its abilities, urging people, “Don’t use it for bad stuff.” It now appears Github banned Masri, effectively taking down the link. Masri says he has no intention of reposting the link but other users already claim to have recreated it. He explained why he posted it in the first place in a follow-up tweet.
“The bug I released was to get @Apple’s attention. It’s just an html file. @Github always hosted jailbreaks (even .ipa files) that might’ve included malware. I don’t understand why you’d ban my account. Btw, I always report bugs before releasing them,” he wrote.
The bug I released was to get @Apple's attention. It's just an html file.@Github always hosted jailbreaks (even .ipa files) that might've included malware. I don't understand why you'd ban my account.
Btw, I always report bugs before releasing them.
— Abraham Masri (@cheesecakeufo) January 17, 2018
Advice for protecting yourself from this type of bug is simple: Don’t press on links you’re not familiar with, even if they’re sent from someone you may know. Things get tricky if you do. Some users say their iMessage app didn’t restart itself after it shut down and force-quitting wasn’t an option. Twitter user @D3mRid3rOS replied to Masri’s text with a Safari link designed to fix the problem, but we’re not convinced it won’t end up harming your device. Henry Casey at Tom’s Guide said the link saved his phone but noted “a plethora of ads for online gambling.”
From what we can tell, this type of bug does not put your personal information in jeopardy nor does it put your device in danger of being hijacked. While this infuriating vulnerability is easy to avoid using common sense, it’s unnerving nonetheless. A single link shouldn’t be able to paralyze one of the most popular iPhone apps.
We have informed Apple of the vulnerability and will update this article if we learn more. In the meantime, be on the lookout for a software update that patches the bug.
Phillip Tracy is a former technology staff writer at the Daily Dot. He's an expert on smartphones, social media trends, and gadgets. He previously reported on IoT and telecom for RCR Wireless News and contributed to NewBay Media magazine. He now writes for Laptop magazine.