iPhone Bug Freezes Your Phone With Just One Link -- Security Today

iPhone Bug Freezes Your Phone With Just One Link

The chaiOS bug can freeze or restart your phone without even having to click the link.

By Sydny Shepard
Jan 19, 2018

Imagine receiving a text from someone, you open the thread and see the text is actually a link. Before you even click on the link, your phone freezes up or restarts, throwing you into a panic. Unfortunately, this can happen. It is the exact bug software developer Abraham Masri found in iPhones this past week.

Masri announced the bug, which he aptly named "chaiOS," on his Twitter account and explain that it exploits the fact that iMessages preloads any links to webpages so it can show users a preview of the page. In an interview with Buzzfeed News, Masri explained that he create a webpage hosed on GitHub and stuffed its metadata with hundreds of thousands of unnecessary characters causing your phone to crash when trying to load all of the unexpected information, sometimes taking the entire operating system down with it.

In other news, I found a (small) bug that causes device to freeze, respring, drains battery, and/or sometimes panic.
No need to install anything. Just open, tap then paste. (iOS only).https://t.co/4PxjA6oqiy
thanks to @aaronp613 @garnerlogan65 @lepidusdev @brensalsa for testing
— Abraham Masri (@cheesecakeufo) January 16, 2018

Initially, Masri had posted a link that used the chaiOS in a Tweet on his account, but the page, and a few others that mirror the bug, has since been taken down by the host site. Masri said he isn't going to re-upload the bug, saying he only released it to "get Apple's attention."

No, I'm not going to re-upload it. I made my point. Apple needs to take such bugs more seriously.
— Abraham Masri (@cheesecakeufo) January 17, 2018

Apple has announced they will release a fix for the bug next week.

About the Author

Sydny Shepard is the Executive Editor of Campus Security & Life Safety.

Featured

TSA Awards Rohde & Schwarz Contract for Advanced Airport Screening Ahead of Soccer World Cup 2026

Rohde & Schwarz, a provider of AI-based millimeter wave screening technology, announced today it has won a multi-million dollar award from TSA to supply its QPS201 AIT security scanners to passenger security screening checkpoints at selected Soccer World Cup 2026 host city airports. Read Now
- Airport Security
Brivo, Eagle Eye Networks Merge

Dean Drako, Chairman of Brivo, the leading global provider of cloud-native access control and smart space technologies, and Founder of Eagle Eye Networks, the global leader in cloud AI video surveillance, today announced the two companies will merge, creating the world’s largest AI cloud-native physical security company. The merged company will operate under the Brivo name and deliver a truly unified cloud-native security platform. Read Now
- Artificial Intelligence
Security Industry Association Announces the 2026 Security Megatrends

The Security Industry Association (SIA) has identified and forecasted the 2026 Security Megatrends, which form the basis of SIA’s signature annual Security Megatrends report defining the top 10 factors influencing both near- and long-term change in the global security industry. Read Now
- Artificial Intelligence
The Future of Access Control: Cloud-Based Solutions for Safer Workplaces

Access controls have revolutionized the way we protect our people, assets and operations. Gone are the days of cumbersome keychains and the security liabilities they introduced, but it’s a mistake to think that their evolution has reached its peak. Read Now
- Access Control
A Look at AI

Large language models (LLMs) have taken the world by storm. Within months of OpenAI launching its AI chatbot, ChatGPT, it amassed more than 100 million users, making it the fastest-growing consumer application in history. Read Now
- Artificial Intelligence

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

Mobile Safe Shield

SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame.
Camden CV-7600 High Security Card Readers

Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure.
Unified VMS

AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities