Phishing by Jonathan Zdziarski

Attacking the Phishing Epidemic


As long as people can be tricked, there will always be phishing (or social engineering) on some level or another, but there’s a lot more that we can do with technology to reduce the effectiveness of phishing, and the number of people falling victim to common theft. Making phishing less effective ultimately increases the cost to the criminal, and reduces the total payoff. Few will argue that our existing authentication technologies are stuck in a time warp, with some websites still using standards that date back to the 1990s. Browser design hasn’t changed very much since the Netscape days either, so it’s no wonder many people are so easily fooled by website counterfeits.

By Jonathan Zdziarski

Mac and iOS bug crashes apps with a single character

Mac and iOS bug crashes apps with a single character

Even the Apple Watch is affected.

Jamie Rigg, 2h ago

Apple only recently fixed a bug called “chaiOS” that would cause iMessage on iOS devices and Macs to crash with a simple link, and now it’s got another, more widespread issue on its hands. As explained by Mobile World and replicated by The Verge, a lone Indian-language character is capable of crashing a number of messaging apps on iOS. The problem also extends to the Apple Watch and even Macs, all of which struggle to process the character specific to the Telugu language spoken in India.

The character, when received or even pasted into iMessage, will at least crash the app if not the entire iOS SpringBoard (the core software that runs the iOS home screen). Other communication apps react the same way, including WhatsApp, Twitter, Facebook Messenger, Gmail and Outlook. Telegram and Skype are immune, it seems. Apparently, watchOS apps don’t fare any better, while the character will also crash Mac software such as Note, Safari and the App Store, according to Mobile World.

The bug is particularly frustrating for iPhone users, because once the character has been received by iMessage, Facebook Messenger et al, that app will continue to crash every time you try to load it up again, effectively shutting you out. Your only hope is to find a way to delete the message or email from another device to free your iPhone from its cycle of trying and failing to load the character. For example, The Verge recommends getting someone to send you an SMS so you can get back into iMessage through that notification and delete the thread containing the bad character from your conversations list. Similarly, you could try logging into Gmail from a computer to delete the offending email.

Fortunately, this frustrating bug shouldn’t survive much longer. It affects devices running iOS 11.2.5, but has already been addressed in the latest beta software for both iPhones and Macs. That’s all Apple would say on the matter for now. These things tend to pop up occasionally and are usually squashed relatively swiftly. Just a few weeks ago, Apple issued a fix for the chaiOS bug that seems to be related to another messaging glitchtastrophe in 2015 called “Effective Power.”

In late 2016, a bug was discovered that would freeze iOS devices when a user tried to play a specific video in Safari; and just before the new year, a simple date bug caused iPhones running the latest software to reset on their own.

♪───O(≧ RoyalElf ≦)O────♪