Apple’s macOS (formerly OS X) and iOS, once cited by their fanboys as the perfect examples of intuitive, secure and mostly bug-free operating systems, have increasingly been coming under fire for various bugs and security vulnerabilities that are are not only diminishing the user experience, but also leaving users vulnerable to privacy breaches. While many such bugs and security flaws have come to light over the past year, the latest one is a bit of a doozy.
According to a tweet sent out by software developer Abraham Masri, a new bug, called ‘chaiOS’, can apparently “freeze the recipient’s device and possibly restart it” once the victim clicks on a particular link received through a text message. In case you’re wondering what the link contains, Masri says it is a small piece of HTML code buried inside what seems to be a regulation Github link.
What’s interesting is that the chaiOS bug affects the Safari browser on both iOS as well as macOS, so whether you’re using a Mac or an iPhone, trying to open the link is likely to create problems with your device. Often referred to as a “text bomb”, this one’s just the latest in a long line of attacks that use links to crash the devices of innocent victims. One of the best-known examples of such attacks in ‘Effective Power’, which was first reported back in 2015.
Masri said that he contacted Apple about the bug before posting about it online, although, he’s yet to hear back from the Cupertino giant. Masri also says that he has since taken down the link and will not re-upload it because he’s already proven his point.
The bug, while annoying, isn’t dangerous as such. According to security researcher Graham Cluley, the bug is “Nasty. But, thankfully, more of a nuisance than something that will lead to data being stolen from your computer or a malicious hacker being able to access your files”.