People are trolling iPhone users with the ‘killer symbol’ that crashes their apps

Surprise! Assorted jerks on the internet have weaponized the Unicode-based bug we reported yesterday to insta-crash apps running on an iPhone or a Mac. The result is somewhere between the old Alt + F4 trick and a script kiddie stunt, and it ranges from being annoying to rendering a device unusable, depending on the tenacity of the troll.

The bug causes many iOS and Mac apps to crash when rendering two characters in Telugu, a south Indian language. While anyone can avoid viewing the symbols themselves, problems arise when someone ill-intentioned starts spamming out the symbols or sending them directly to devices where they will be received as a notification.

Droves of Twitter users have taken to tweeting the symbols out over the last day with messages like “read this to log off instantly” and “retweet this to crash anyone using an Apple device,” though luckily most of them don’t have many followers. Still, if the symbol shows up in your @ replies or in the handle of someone who likes one of your tweets, then it’s game over for whatever app you have open (Motherboard writer Joseph Cox learned this the hard way). From what we’ve observed, the only way to get an app working again is to reinstall it from scratch — a time-consuming process, especially if a troll just crashes it all over again.

As captured on Twitter, one security researcher added one of the symbols to his Uber handle as an experiment. “I suspect a crashed phone means you get routed to the next driver… who gets crashed too. Like an Uber routing worm,” he wrote. We reached out to Uber to see if they’re aware of the issue and will update when we hear back.

For now, most of the trolling seems to be on Twitter. A search on both Facebook and Reddit yielded conspicuously few signs of Telugu trolling, so it appears that those platforms may have taken steps to limit the fallout from the iPhone-killing Unicode symbols.

Meanwhile, a thorough blog post by Mozilla engineer Manish Goregaokar suggests that the scope of the Unicode bug could be broader than the two symbols we know. “… From some experimentation, this bug seemed to occur for any pair of Telugu consonants with a vowel, as long as the vowel is not ై (ai),” he wrote. His findings so far:

So, ultimately, the full set of cases that cause the crash are:

Any sequence <consonant1, virama, consonant2, ZWNJ, vowel> in Devanagari, Bengali, and Telugu, where:

consonant2 is suffix-joining – i.e. र, র, য, and all Telugu consonants
If consonant2 is र or র, consonant1 is not the same letter (or a variant, like ৰ)
vowel is not ై or ৌ

TechCrunch has reached out to Twitter, Facebook and Reddit to see how those platforms are handling the bug, which is particularly destructive when blasted out on an open social network. We’ve also been in touch with Apple and they’ve confirmed that there is a “dot update” fix coming soon, though declined to confirm if it would be iOS 11.2.6. Apple noted that the bug is fixed in current betas of iOS, tvOS, macOS and watchOS.

Comments

How ad-free subscriptions could solve Facebook

At the core of Facebook’s “well-being” problem is that its business is directly coupled with total time spent on its apps. The more hours you pass on the social network, the more ads you see and click, the more money it earns. That puts its plan to make using Facebook healthier at odds with its finances, restricting how far it’s willing to go to protect us from the harms of over use. The advertising-supported model comes with some big benefits, though. Facebook CEO Mark Zuckerberg has repeatedly said that “We will always keep Facebook a free service for everyone.” Ads lets Facebook remain free for those who don’t want to pay, and more importantly, for those around the world who couldn’t afford to. Ads pay for Facebook to keep the lights on, research and develop new technologies, and profit handsomely in a way that attracts top talent and further investment. More affluent users with more buying power in markets like the US, UK, and Canada command higher ad prices, effectively...

Windows 7 and 8.1 Update to Windows 10 automatically

Windows 10 downloader While it might be a bit too early to start getting excited over the Windows 10 update , which isn't expected to arrive until summer, Microsoft seems to already be warming up people's computers just the same. A recommended, and therefore purely optional, update for Windows 7 Service Pack 1 and Windows 8.1 has been discovered to be laying the groundwork for those machines' eventual upgrade to Windows 10. Although the Windows 10 release date was not announced officially, the details of this update also reveal how Microsoft might try to convince users to update to the latest Windows 10 version. The KB3035583 update "enables additional capabilities for Windows Update notifications when new updates are available to the user", which sounds pretty common. That is, until you dig into the update files and see a certain GWXUXWorker.exe which, upon further inspection, would actually "Download Windows 10". So this rather ...

Anyline Raises €1.5M To Let You Add Optical Character Recognition To Your App

Anyline , the Austrian startup that provides mobile OCR tech to enable developers to add text recognition to their own apps, has raised €1.5 million in funding. The list of investors is interesting, too. It includes angel investor Johann ‘Hansi’ Hansmann, busuu co-founder Bernhard Niesner, Lukas Püspök, and the U.S.-based VC-fund iSeed Ventures. However, most notable is that the round was led by Gernot Langes-Swarovski Group. As one investor put it to me, “the fact that the Swarovski family led the round shows that finally ‘old’ money is moving into Austrian startups”. Offering its own mobile Optical Character Recognition (OCR) technology — which uses a smartphone’s camera to accurately scan and recognise any kind of text, code or number — Anyline co-founder and CEO Lukas Kinigadner tells me the startup is built on the premise that “people screw up a lot”. “Mistakes happen easily when you’re writing down a 10-digit-number and then have to type it in again a few moments later...

Three Reasons Why You Need Better Personal Cyber security

From the infamous Sony hack to the recent WannaCry virtual catastrophe that affected over 300,000 computers, the need for reliable personal cyber security has never been more apparent. Rubica's skilled team of experts want to remind every one of the importance of cyber security and the three reasons why it is becoming a more pressing issue every day. With top-notch personal cyber security, most attacks are preventable. 1. Larger Number Of Attacks Americans have heard of the most notable attacks on major corporations or government entities over the past several years. However, most people who are not in the information security field do not learn just how much the attack frequency is growing. The number of cyber attacks carried out worldwide in 2015 was quadruple a number of attacks recorded in 2013. Although the cost associated with the number of annual recorded attacks is in the $500 billion range right now, experts say that it will grow well into the trillions by ...

Insure Your Family by Controlling Devices Through an App

AIR: YOUR SMART HOME Have you ever rushed to your house suspecting that you may have accidently kept the iron turned on? How do you deter a burglar from breaking into your house? You probably would rush to your house and manually turn off the switch in the first instance, and get a burglar alarm for the next. But what if there were a single solution for both? Humans are delegating a lot of menial and repetitive tasks to machines. And as far as errands in your house and offices are concerned, the good news is – you can control appliances through your smart phone. INTRODUCING AIR: YOUR SMART HOME Air app, which is available on both Android and Apple platforms, interacts with your devices and switches them off with a single tap. AIR MOBILE APP The app is complemented with a package that consists of a pentagonal-shaped unit and switchboard module. Once you install air unit; your smartphone can interact with it using the Air App. Thereafter, the unit instructs the...

Exciting Technology

Search This Blog