Skip to main content

People are trolling iPhone users with the ‘killer symbol’ that crashes their apps



Surprise! Assorted jerks on the internet have weaponized the Unicode-based bug we reported yesterday to insta-crash apps running on an iPhone or a Mac. The result is somewhere between the old Alt + F4 trick and a script kiddie stunt, and it ranges from being annoying to rendering a device unusable, depending on the tenacity of the troll.

The bug causes many iOS and Mac apps to crash when rendering two characters in Telugu, a south Indian language. While anyone can avoid viewing the symbols themselves, problems arise when someone ill-intentioned starts spamming out the symbols or sending them directly to devices where they will be received as a notification.

Droves of Twitter users have taken to tweeting the symbols out over the last day with messages like “read this to log off instantly” and “retweet this to crash anyone using an Apple device,” though luckily most of them don’t have many followers. Still, if the symbol shows up in your @ replies or in the handle of someone who likes one of your tweets, then it’s game over for whatever app you have open (Motherboard writer Joseph Cox learned this the hard way). From what we’ve observed, the only way to get an app working again is to reinstall it from scratch — a time-consuming process, especially if a troll just crashes it all over again.

As captured on Twitter, one security researcher added one of the symbols to his Uber handle as an experiment. “I suspect a crashed phone means you get routed to the next driver… who gets crashed too. Like an Uber routing worm,” he wrote. We reached out to Uber to see if they’re aware of the issue and will update when we hear back.



For now, most of the trolling seems to be on Twitter. A search on both Facebook and Reddit yielded conspicuously few signs of Telugu trolling, so it appears that those platforms may have taken steps to limit the fallout from the iPhone-killing Unicode symbols.

Meanwhile, a thorough blog post by Mozilla engineer Manish Goregaokar suggests that the scope of the Unicode bug could be broader than the two symbols we know. “… From some experimentation, this bug seemed to occur for any pair of Telugu consonants with a vowel, as long as the vowel is not ై (ai),” he wrote. His findings so far:

So, ultimately, the full set of cases that cause the crash are:

Any sequence <consonant1, virama, consonant2, ZWNJ, vowel> in Devanagari, Bengali, and Telugu, where:

consonant2 is suffix-joining – i.e. र, র, য, and all Telugu consonants
If consonant2 is र or র, consonant1 is not the same letter (or a variant, like ৰ)
vowel is not ై or ৌ

TechCrunch has reached out to Twitter, Facebook and Reddit to see how those platforms are handling the bug, which is particularly destructive when blasted out on an open social network. We’ve also been in touch with Apple and they’ve confirmed that there is a “dot update” fix coming soon, though declined to confirm if it would be iOS 11.2.6. Apple noted that the bug is fixed in current betas of iOS, tvOS, macOS and watchOS.

Comments

Popular posts from this blog

Here Are The First Connected Home Devices For Apple’s HomeKit

Apple’s HomeKit is finally starting to roll out to actual consumers, via the first crop of HomeKit-enabled accessories from third-party manufacturers. This means you’ll soon be able to get your hands on a range of products for the connected home that work with Siri on your iOS device, and that you’ll be able to do so as soon as today, since some of the new HomeKit accessories start shipping now. The accessories in question range from sensors, to lights, to thermostats, to smart outlets, and come from a group of accessory-makers with a trusted reputation in the connected home industry. HomeKit may have taken a while to arrive, but it’s doing so in grand fashion, with a practical lineup to get your home connected to your iOS ecosystem in an essential way. Elgato Eve The  Elgato Eve  is a set of connected wireless sensors that monitor key factors like indoor air quality, temperature, humidity as well as conditions outside, like temperature, humidity and air pre...

How to Run Older Applications in Windows 10

You cannot expect all the vendors to upgrade their programs to make them compatible with Windows and neither would you want to purchase all the applications every time a new version of Windows is out. Nonetheless, the fact still remains the same that not all applications are compatible with the latest operating systems and there are times when many applications do not initialize when you upgrade your PC to a newer version of Windows. To make things easy for you, Windows 10 allows you to run the programs in compatibility mode. Running a program in compatibility mode makes the application think that it is installed on an older, compatible version of Windows, thus the software runs without any flaws. There are two ways you can run a program in compatibility mode: Program Compatibility Troubleshooter – This is a step-by-step wizard that allows you to pick a program that you prefer to use and configures it to run in compatibility mode. Compatibility Tab – This tab can...

Google is using machine learning to teach robots how to grasp random objects

Using your hand to grasp a pen that’s lying on your desk doesn’t exactly feel like a chore, but for robots, that’s still a really hard thing to do. So to teach robots how to better grasp random objects, Google’s research team  dedicated 14 robots to the task . The standard way to solve this problem would be for the robot to survey the environment, create a plan for how to grasp the object, then execute on it. In the real world, though, lots of things can change between formulating that plan and executing on it. Google is now using these robots to train a deep  convolutional neural network  (a technique that’s all the rage in machine learning right now) to help its robots predict the outcome of their grasps based on the camera input and motor commands. It’s basically hand-eye coordination for robots. The team says that it took about 3,000 hours of practice (and 800,000 grasp attempts) before it saw “the beginnings of intelligent reacti...

eGym raises $45M Series C for cloud-connected gym equipment and fitness software

eGym , the Munich-based startup that offers cloud-connected gym equipment and supporting cloud software and app for the fitness training floor, has closed $45 million in Series C funding. The round was led by new investor HPE Growth Capital, while existing investors, including Highland Europe, also participated. The problem that eGym is looking to solve is that, whilst gyms have moved from a bodybuilder market to a mass market in the last 20 years, the technology in gyms lags behind. That’s despite the fact that better use of technology can help to reduce customer churn, the biggest pain-point of both gym operator and gym users. Comprising of an app for both gym user and trainer, combined with the company’s connected strength machines, the eGym Cloud makes it possible for gym members to receive better fitness instruction and an evolving and personalised fitness plan based on data collected as they workout. And by providing a better workout feedback loop, gym goers can get an i...

Amazon Is Giving Away Unlimited Cloud Storage For $5.00

Amid a slew of deep discounts appearing on the web today as a part of the shopping holiday Black Friday, Amazon has introduced one deal that’s sort of a no brainer. The company is  giving away unlimited online storage  on its cloud servers for just five dollars. The normal price for this is $60 per year, so this – 92% off – represents a significant savings. The deal is aimed at promoting  Amazon’s Cloud Drive service  – an online storage site that competes with similar services like Dropbox, Google Drive, Microsoft’s OneDrive, and more. Cloud Drive allows you to store documents, music, photos, videos and other files in the cloud, which you can access from any web-connected device, including smartphones and tablets by way of Amazon’s Cloud Drive mobile applications. However, be aware that if you’re planning to use the now $5 service primarily for photo backups, you may already have that option enabled. Amazon Prime currently offers free, unlimited pho...