Missed Text Messages Crashing iPhones? You Don’t Even Have to Click on This One to Do the Damage

Author Photo
Jan 17, 2018
19Shares
Submit

It’s been quite a few months since we last saw a “dangerous” string pushing iPhones to their sudden (temporary) deaths. In yet another case of random strings crashing iOS devices, we have a new culprit that manages to freeze iPhone. Detailed by software developer Abraham Masri, the bug has been named as chaiOS. The problem with this prank, however, is that you don’t even need to click on it for it to freeze your iPhone.

All that a hater needs to do is to have your phone number and send a link. The bug requires no action from your side. In a tweet, Masri wrote that if someone texts the malicious link http://iabem97.github.io/chaiOS, it will freeze the recipient’s device, and possibly restart it. [This link would no longer work as GitHub temporarily suspended Masri’s account and the chaiOS repository appears to have been removed]

iphone-8-teardown-4Related The 2018 iPhone X(s), iPhone X(s) Plus & iPhone 9 Will Feature 9V 3A Charging Believes Analyst

chaiOS works by inserting hundreds of thousands of characters into a web page’s metadata. Apple allows developers to customize the image and title of a link that is shared via Messages for a better preview. However, if someone injects an excruciatingly long string and then the Messages app has to show a preview of that link based on the metadata, it essentially crashes.

While GitHub has removed the repo from Masri’s account, it has been copied by others. “My GitHub is publicly accessible, so anyone can copy. I’m pretty sure someone else has posted it, but I’m not going to rehost it,” Masri said.

173458te40e4v9ye4j5t9e-2Related Late To The Bandwagon? Shaky Supply Chain Reports 2019 iPhone Lineup Will Feature USB Type-C Port Instead Of Lightning

Talking to BuzzFeed, another security researcher who tested the bug confirmed that “the device will freeze for a few minutes. Then, most of the time, it resprings.” However, several people suggest that the Messages app continues to crash even after the phone comes back to life. The bug has been tested on iOS 10 through iOS 11.2.5 beta 5 and appears to affect all the iPhones. The issue might affect other iOS devices and Macs, as well.

Masri doesn’t want you to freeze iPhones with this link – it’s supposed to be just a warning to Apple

Masri said he posted this bug publicly because Apple never takes these issues seriously. This bug doesn’t just temporarily freeze the device, but continues to create issues for the user. Researchers have advised to delete the thread if you see such a link being sent. However, in some cases, Messages app starts to crash right when you open it making you unable to delete the troubling messages.

On the Twitter thread of Masri’s report, some have suggested to go for the Limit Adult Content option to block GitHub.

  • Head over to Settings > General
  • Tap on Restrictions > Enable Restrictions > Websites > Limit Adult Content > Never Allow > GitHub.io

The above, however, won’t protect you if the string has been hosted elsewhere. If Messages app continues to crash, you might have to restore your iOS device, which is a pain. Let’s hope Apple responds quickly to this issue with a software update.

While some are upset with Masri for publicly sharing the issue, he said that it was done to make a point; “Apple needs to take such bugs more seriously.”

Submit