or Connect
AppleInsider › Forums › General › General Discussion › iOS 6 jailbreak arrives; URL detection bug crashes most OS X apps
New Posts  All Forums:Forum Nav:

iOS 6 jailbreak arrives; URL detection bug crashes most OS X apps

post #1 of 35
Thread Starter 
Hackers on Monday released a long-awaited untethered software "jailbreak" of Apple's iOS 6. Separately, a newly discovered bug causes most Mountain Lion applications to crash by typing in just 8 characters.

'Evasi0n' brings jailbreak to iPhone 5, iPad mini



Jailbreak


For the first time ever, iPhone 5 and iPad mini owners can jailbreak their device with the release of Evasi0n, the new jailbreak for Apple's iOS 6 mobile operating system. The software hack is available to implement via OS X, Windows, and Linux.

The new jailbreak is untethered, which means users will not have to reconnect their device to a computer to restart it. The hack is compatible with all iPhone, iPad and iPod touch models running iOS 6.0 through iOS 6.1.

Users are advised to backup their device through iTunes or iCloud before beginning the jailbreak process. It's also recommended to disable any passcode locks on an iOS device, as they can cause issues.

Jailbreaking is a legal but warranty voiding process that utilizes exploits in the iOS software to allow users to run unauthorized code. By jailbreaking an iPhone or iPad, users can add features and software not allowed by Apple, such as custom themes or user interface tweaks.

Apple advises against jailbreaking iOS devices, as the unauthorized modification could lead to system instability, compromised security, shortened battery life, and other potential issues.

Minor OS X crashing bug gains attention



OS X


Last week, a URL detection flaw discovered in OS X 10.8 Mountain Lion was publicized and gained attention for the ease with which users can cause almost any Mac application to crash. This can be accomplished by entering "file:///", with an uppercase 'F', into a standard text input space.

Doing this will cause a number of OS X applications, such as TextEdit, to automatically crash. The issue arises from the ability of OS X to detect that the user has input a URL.

Apple's Advanced Technology Group invented "data detectors" in the mid-1990s. The feature fist appeared in the Mac operating system, and allowed the OS to recognized formatted data, like a phone number, within an unstructured document, enabling a user to take action upon the data recognized.

While the bug is interesting because of the ease with which it causes an application to crash, the specific issue is unlikely to have much of an effect on users.
post #2 of 35
Interesting.

Dailytech.com author is writing about "File:///", while AppleInsider is writing about ""file:///", with an uppercase 'F'".

Which OS are authors using, I wonder..? 1wink.gif

Though according to Dailytech, other versions of "file" (such as all-lowercase) can also crash application, in some scenarios.
post #3 of 35

Not sure I understand why you would lump these two stories together.  At a quick glance, the title implies the jailbreak crashes 'most OSX apps'.

 

Am I the only one who read it that way?

post #4 of 35
I have rarely typed that string with two slashes... maybe 3 times in my life... and never with three. If I did, it would be in TextWrangler, which is unaffected. Interesting bug, though. I can see how it might not be caught: few would ever type that, and then someone might not realize what the trigger was and fail to report it accurately to Apple.
post #5 of 35

"This can be accomplished by entering "file:///", with an uppercase 'F', into a standard text input space"

 

Alright. 

 

What sort of average consumer would actually type that?    *confused*

post #6 of 35
There could be a way to cause (a little) mayhem by delivering this File:/// string to someone (perhaps using JavaScript or convincing someone to copy and paste text including this). What's the over-under on how long until Apple fixes this? 3 weeks?
post #7 of 35
Quote:
Originally Posted by thon View Post

Not sure I understand why you would lump these two stories together.  At a quick glance, the title implies the jailbreak crashes 'most OSX apps'.

 

Am I the only one who read it that way?

 

No you are not the only one. 

post #8 of 35

Should assertions be compiled in to your release build? Still, an easy enough bug to make and fix.

post #9 of 35
"The feature fist appeared..." I didn't realise it even had hands!
post #10 of 35

We had fun with this command at work today....

post #11 of 35
Quote:
Originally Posted by Quadra 610 
What sort of average consumer would actually type that?    *confused*

If you save a webpage and open it, the URL begins with that - it's a sort of local version of http://. It's unlikely that it would be entered with nothing after it but it's worrying that applications crash because of this. If someone sends a tweet or email with it for example, does it crash those apps? The data detection process should be able to crash without taking the application with it.
post #12 of 35
Quote:
Originally Posted by ascii View Post

Should assertions be compiled in to your release build? Still, an easy enough bug to make and fix.

Still a text input by a non-su/wheel user should not be able to access files in "/" anyway so the third slash should trigger some defense with or without a capital "F".

Life is too short to drink bad coffee.

Reply

Life is too short to drink bad coffee.

Reply
post #13 of 35
Quote:
Originally Posted by AppleInsider View Post

Last week, a URL detection flaw discovered in OS X 10.8 Mountain Lion was publicized and gained attention for the ease with which users can cause almost any Mac application to crash. This can be accomplished by entering "file:///", with an uppercase 'F', into a standard text input space.

I'm surprised to see AppleInsider talk about a "URL." Isn't it supposed to be RUL? /s

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply
post #14 of 35
Quote:
Originally Posted by AppleInsider View Post

Hackers on Monday released a long-awaited untethered software "jailbreak" of Apple's iOS 6. 

'Evasi0n' brings jailbreak to iPhone 5, iPad mini

 

No mention of a jailbreak for AppleTV 3? I'll go buy one today (okay, next week) if I can put Plex on it :)

post #15 of 35
Quote:
Originally Posted by djames4242 View Post

 

No mention of a jailbreak for AppleTV 3? I'll go buy one today (okay, next week) if I can put Plex on it :)

 

Save yourself some time and get a Roku 2 XS. Works great and you can get them refurbed for $60.00

 

 

Quote:
The reason why they are analysts is because they failed at running businesses.

 

Reply

 

 

Quote:
The reason why they are analysts is because they failed at running businesses.

 

Reply
post #16 of 35
Originally Posted by gwmac View Post
Like others, the title implies that the new jailbreak will cause bug crashes to most OS X apps. 

 

I really don't see where there would be confusion. The title's separated. 

Originally Posted by Slurpy

There's just a TINY chance that Apple will also be able to figure out payments. Oh wait, they did already… …and you’re already fucked.

 

Reply

Originally Posted by Slurpy

There's just a TINY chance that Apple will also be able to figure out payments. Oh wait, they did already… …and you’re already fucked.

 

Reply
post #17 of 35
Quote:
Originally Posted by emig647 View Post

 

Save yourself some time and get a Roku 2 XS. Works great and you can get them refurbed for $60.00

 

Oh, I have a Roku and love it, but I also have a first generation AppleTV and still prefer its interface. Also I suspect the Plex app folks are using on the AppleTV 2 (judging by the iPhone app) is superior to the one written for the Roku (the Roku app works fine but is lacking much of the interface customization and improvements on the iOS and Mac clients).

post #18 of 35
Typing that on TextEdit causes it to crash on an exception, which subsequently causes the report form to crash as well when the same string is displayed. It's hilarious.
post #19 of 35

I noticed I had to type File:/// and not file:///. Crashes spotlight too. Hope they patch this very very soon. 

post #20 of 35
Quote:
Originally Posted by djames4242 View Post

 

No mention of a jailbreak for AppleTV 3? I'll go buy one today (okay, next week) if I can put Plex on it :)

 

They specifically said the new jailbreak does not work with ATV 3.

post #21 of 35
Quote:
Originally Posted by enjourni View Post

 

They specifically said the new jailbreak does not work with ATV 3.

That's why he wants one.

melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #22 of 35
Quote:
Originally Posted by enjourni View Post

 

They specifically said the new jailbreak does not work with ATV 3.

 

Hmm, I didn't see that anywhere - although not seeing any mention of the AppleTV, I assumed it was excluded from this Jailbreak (but still hoped it was an inadvertent omission!). Bummer...

post #23 of 35
Quote:
Originally Posted by jcbigears View Post

"The feature fist appeared..." I didn't realise it even had hands!

Maybe the author was feeling a little punchy.

post #24 of 35

The file slash slash slash thingy doesn't seem to kill Firefox. Which is good.

 

Can't test it in Safari... too many important tabs I need to keep open!

post #25 of 35
Quote:
Originally Posted by mstone View Post

Still a text input by a non-su/wheel user should not be able to access files in "/" anyway so the third slash should trigger some defense with or without a capital "F".

 

?

 

Everything is "in /" - its the root of the filesystem.

 

file:///tmp/

file:///Users/foo/Desktop/

 

If you can't read /, you are going to have a hard time getting anywhere...

post #26 of 35
Quote:
Originally Posted by Suddenly Newton View Post


Yeah, dailytech.com is staffed by Microsoft/ Windows/ PC apologists. Those guys view everything Apple-related with barely disguised contempt.

 

Sort of how AI and much of it's users view anything Microsoft/Windows/PC and Android-related, eh?

post #27 of 35
Quote:
Originally Posted by djames4242 View Post

 

Hmm, I didn't see that anywhere - although not seeing any mention of the AppleTV, I assumed it was excluded from this Jailbreak (but still hoped it was an inadvertent omission!). Bummer...

 

Story is on the JB groups blog. Something about the way they changed the file structure on the ATV3 makes this exploit useless.

post #28 of 35
I jailbroke my iPhone 5...Cydia seems to be working for me..?

 

 


Tim Cook using Galaxy Tabs as frisbees

 

Reply

 

 


Tim Cook using Galaxy Tabs as frisbees

 

Reply
post #29 of 35
Looks like some around here are all upset a jailbreak has arrived...
post #30 of 35
Quote:
Originally Posted by Cash907 View Post

Sort of how AI and much of it's users view anything Microsoft/Windows/PC and Android-related, eh?

Bullseye.

I'd give you three slashes for that, but I fear I might crash Gazobee's browser and give him a reason to call me names again.

1biggrin.gif
post #31 of 35
Quote:
Originally Posted by hentaiboy View Post

It amuses me that iFans are so eager to quote the 'Apple Ecosystem" as a reason for owning iDevices, then at the earliest opportunity try and escape said 'Ecosystem' through jailbreaks lol.gif

 

Not sure I follow. I've jailbroken my phones all the way back to the original iPhone. Does a jailbreak hinder my ability for my iPhone to talk to my Mac? No. My Apple TV? No. iTunes? The App Store? No, and no. So how exactly am I escaping or evading this ecosystem?

post #32 of 35
The same happens as File: with///behind: type //abc after the File:
post #33 of 35
Quote:
Originally Posted by mstone View Post

Still a text input by a non-su/wheel user should not be able to access files in "/" anyway so the third slash should trigger some defense with or without a capital "F".

Yup that was my first thought when I read about it - something to do with "/" and the sandboxing. But on closer inspection it looks like maybe they have some kind of recogniser module that is case insensitive, feeding to a processor module that is case-sensitive and promptly spits the dummy.

post #34 of 35
Quote:
Originally Posted by Vaelian View Post

Typing that on TextEdit causes it to crash on an exception, which subsequently causes the report form to crash as well when the same string is displayed. It's hilarious.

Kind of a chain reaction with only two chains. Yeah quiet funny this bug.

post #35 of 35

A fairly impressive number of iOS users have already jailbroken their devices with the latest evasion tool... 7 million in just four days. Looks like there was quite a bit of pent-up demand.

 

As of Thursday night, Freeman’s alternative app store had received visits from 5.15 million iPhones, 1.35 million iPads, and 400,000 iPod touches that were jailbroken with evasi0n, the first jailbreaking software for the iPhone 5 and iOS 6.1.

melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: General Discussion
AppleInsider › Forums › General › General Discussion › iOS 6 jailbreak arrives; URL detection bug crashes most OS X apps