Researcher: iPhone Crashes Caused by Code Apple Added to Appease Chinese Govt.


Apple released iOS 11.4.1 earlier this week which fixed a couple of security bugs, while introducing a new USB Restricted Mode.

However, security researcher Patrick Wardle has highlighted another bug Apple has fixed in this release, that caused certain iOS devices to crash when users typed the word Taiwan or received messages containing a Taiwanese flag emoji. According to the researcher, the crashes were caused by a code Apple added to iOS to likely appease the Chinese government.

Wardle, who is a former hacker for the National Security Agency, wrote on his blog, “if Apple hadn’t tried to appease the Chinese government in the first place, there would be no bug!”.

He said that he was perplexed when a friend first reported her fully patched, non-jailbroken device crashed every time she typed Taiwan or received a message with a Taiwanese flag. Wardle eventually found a temporary fix, which has now been permanently patched in iOS 11.4.1

After two+ years of being unable to type “Taiwan” or being remotely DOS’d anytime her phone received a Taiwanese flag emoji, the fix (kudos to my friend Josh S. for the idea!), was simply to toggle the region from US to China, then back to US.

I’m not 100% sure why (or how this fixed it), but I’m guessing it either set the “Country” value to “US” so the boolean flag (at byte_1b1c9bb00) was set now to 0x1, meaning CFStringCompare()` was never called… or, that the calls to CFLocaleCopyCurrent()/CFLocaleGetValue() no longer returned NULL, meaning a valid string was passed to CFStringCompare().

Apple has not yet issued any comment regarding the flaw, which the researcher says was indexed as CVE-2018-4290.