Apple Tries to Appease China… Ends up Crashing iPhones and Censoring Content


Apple reportedly altered some code to help China not get too angry over its "Taiwanese claim." Since 2017, iOS tried to censor Taiwanese flag emoji when an iPhone was being used in China, making people in the country believe that Taiwan didn't exist at all. [China doesn't recognize Taiwan's independence]

Texts that used the emoji would display a box with a cross over it - a case of missing emoji. However, a side effect of this localized censorship was iPhone crashes and DOS attacks. On the side of the recipient, whenever an app would show the flag emoji, it would end up crashing. If someone with their location set to China would try typing "Taiwan," their iPhone would end up crashing, as well.

M2 MacBook Pro Has Incredible Battery Life as Reviewer Purposely Tries to Drain It Faster, but Ends up With Runtime of 16+ Hours

Researcher discovers bug introduced by Apple itself to iOS and the "emoji-censorship" that crashed iPhones

Patrick Wardle, one of the popular names in the cybersecurity industry, discovered this issue when a friend contacted him believing that China was trying to hack her phone.

"She claimed that any time she typed the word Taiwan or worse, received a message with a Taiwanese flag (??) it would crash the application on her (fully patched) iOS device," Wardle writes.

"Basically, Apple added some code to iOS with the goal that phones in China wouldn't display a Taiwanese flag and there was a bug in that code."

The problem didn't appear for all devices as it affected some edge cases where the iPhone likely "got confused about what region or locale it should be in," Wardle writes.

After two years of not being able to type Taiwan "or being remotely DOS'd anytime her phone received a Taiwanese flag emoji," the fix that she needed was simply to toggle the region from the US to China and then back to the US.

iPhone 14 Pro Models to Feature Always-On Display For iOS 16 Lock Screen Widgets

Wardle did report this bug to Apple, which turned out to be the company's attempt at censoring content to placate China. Tracked as CVE-2018-4290, Apple only mentions the following about this bug fix in iOS 11.4.1.

Impact: Processing an emoji under certain configurations may lead to a denial of service

Description: A denial of service issue was addressed with improved memory handling.

So, there you have it. While usually a champion of user security and privacy, the tech giant does appear to be engaging in censorship. However, a flaw in the code hit back since this bug could have been used by anyone to crash a device by simply sending a text message with the Taiwanese flag.

Apple has previously attracted the ire of the United Nations over banning unapproved VPN apps from the Chinese App Store and moving Chinese users' data to servers within the country. The company is yet to apologize or even respond to this current incident.

- For technical details, head over to Wardle's blog post.