Apple’s China-friendly censorship crashed iPhones; bug now fixed

“Last April, while security researcher Patrick Wardle was attending the RSA security conference in San Francisco, a Taiwanese friend who lived in the city asked to meet for coffee, and for his help with what she described as a serious problem: China, she said, was hacking her iPhone,” Andy Greenberg reports for Wired. “Wardle… met his friend in person [and] she showed him something bizarre: Every time the Taiwanese flag emoji appeared on her iPhone for any reason, the app that had displayed it instantly crashed. That meant, essentially, that anyone could crash Wardle’s Taiwanese friend’s phone at will, simply by sending her any text message that triggered a notification and included the Taiwanese flag.”

“In the months since, Wardle has worked on and off to deconstruct that emoji mystery. What he found — and helped Apple fix — wasn’t the targeted hacking of his friend’s iPhone,” Greenberg reports. “Instead, it was an unintentional bug in a very intentional censorship feature, one that Apple includes in every iPhone in the world in an apparent attempt to placate the Chinese government. ‘Basically, Apple added some code to iOS with the goal that phones in China wouldn’t display a Taiwanese flag,’ Wardle says, ‘and there was a bug in that code.'”

“That code likely represents a favor from Apple to the Chinese government, which for the last 70 years has maintained that Taiwan is a part of China and has no legitimate independent government,” Greenberg reports. “But Wardle found that in some edge cases, a bug in the Taiwan-censorship code meant that instead of treating the Taiwan emoji as missing from the phone’s library, it instead considered it an invalid input. That caused phones to crash altogether, resulting in what hackers call a denial-of-service attack that would let anyone crash a vulnerable device on command.”

Read more in the full article here.

MacDailyNews Take: Ah, the perils of kowtowing too hard; you’ll knock yourself silly and not be able to censor… er, code straight.

SEE ALSO:
China’s internet censors ban use of the letter ‘N’ – February 28, 2018
Apple is under fire for moving iCloud data to China; Amnesty International blasts move – February 28, 2018
Apple moves to store iCloud keys in China, raising human rights fears – February 26, 2018
Apple’s China lesson: Think different, but not too different – February 26, 2018
Apple in talks for first order from a Chinese chipmaker – February 14, 2018
Apple utterly dominates the premium smartphone market in China with 85% share – February 7, 2018
Apple warns users who created Apple IDs overseas on dodging China’s new data law – January 12, 2018
How U.S. iCloud users can ensure their data isn’t migrated to state-owned servers in China – January 11, 2018
Apple sets date to turn over cloud operations to a state-owned data center in China – January 10, 2018
U.S. Senate Republican Marco Rubio hits Tim Cook for kowtowing to China – December 13, 2017
Apple CEO Cook kissed the ring in China because he had no choice – December 4, 2017
Apple CEO Cook in China: Internet must have security, humanity – December 4, 2017
U.S. Senators Ted Cruz and Patrick Leahy blast Apple CEO Tim Cook for removing VPN apps from App Store in China – October 20, 2017
Apple issues statement regarding removal of VPN apps from China App Store – July 31, 2017
Apple removes VPN apps from China App Store – July 29, 2017
Apple sets up China data center to meet new cybersecurity rules – July 12, 2017
Analyst: China iPhone sales are pivotal for Apple – June 26, 2017
In bid to improve censorship, China to summon Apple execs to discuss stricter App Store oversight – April 20, 2017
Apple CEO Tim Cook named recipient of Newseum’s 2017 Free Expression Award – February 2, 2017