Typing Secret Word Will Kill Almost Any App in Apple's OS X Mountain Lion
February 4, 2013 6:38 AM
comment(s) - last by
"It just works." --Apple
While Microsoft Corp. (
) has received much admonishment for its various Windows bugs over the years, it is a dramatic new bug from the brash challenger of the the operating system world, Apple, Inc.'s (
OS X Mountain Lion
(10.8.2), which has people talking. The bug is startling simple, but it can crash almost any OS X app. All you have to do is type a word and a few characters.
I. Universal Crashes
The forbidden word is "File:///" (case sensitive). Type that in virtual any text input form (be it a notepad, a browser dialogue, a document editor, a calendar appointment, etc.) and the program will die. It appears that similar strings ("fILE:///" or "FILE://aa") can also trigger program crahes. In a bizarre twist, some crashes appear to be dependent on how fast you type certain variants (e.g. "File://" followed by characters). An
user named "Jonathan" shares a movie he made documenting that bizarre behavior
Among the programs confirmed to be infected are Tweetbot, Safari, Chrome, and TextEdit. The program appears to be tied somehow to some sort of deep-rooted API embedded into OS X (it appears not to be the spell-check API as the Safari location bar has no spell check, but is still affected).
In a particularly hilarious (or awful) failure, typing the problem string into Apple's Crash Reporter UI crashes the Crash Reporter.
Mountain Lion has a big bug. [Image Source: HD Wallpapers]
The bug does not affect OS X Lion (10.7) or Snow Leopard (10.6).
II. A Partial Fix?
A handful of apps, such as the image-editor Gimp, appear to be immune, perhaps because they disable whatever the trouble-making interface is. Typing the string in these apps will produce no crash.
Some users suggest that going to System Preferences > Language & Text > Text, and unchecking "Correct spelling automatically" and "Use symbol and text substitution" will stop the crashes in some apps. However, commenters say the apps continue in some programs even after doing that.
One loyal Apple user comments on the bug report:
This is actually a feature. It allows you to shut down all applications before shutting down your Mac:
Crashes Finder if typed into a Finder search field (not Spotlight, though). Crashes Safari if typed into the URL bar. Crashes Mail if typed into the search field. Crashes iTunes when typed into the search field. Crashes system-generated keychain unlock prompts (typed into the "Name:" field) Crashes Reminders if typed into the search field. ...
For now the bug is merely "interesting", but it also represents a potential security flaw. If malicious users start to use it in forms-based attacks, it could become a major headache for OS X users.
Apple for years marketed its products under the slogan "It just works", but has been
plagued with software issues
of late. Some blame Tim Cook, Apple's new CEO who replaced the late Steve Jobs, for the slipping quality. Apple's
iOS maps woes
drew a large amount of national news coverage late last year. Tim Cook
publicly apologized to his company's fans
for the poor showing.
We confirmed that the bug crashes both Safari and Searchlight. For us the Crash Reporter did not come up even:
...about to crash!
The shell/terminal program in OS X appears to be immune to the crashes:
We'll update if a patch lands.
This article is over a month old, voting and posting comments is disabled
RE: And that is why you sanitize your text input
2/4/2013 3:06:16 PM
This issue isn't OO or your perceived lesser skillset. There are MANY bugs that originate from lower level languages present today.
The truth is that there simply are MANY MORE programmers than there used to be and many more users.
Simple odds tell you this will cause more bugs to surface. I'll never understand developer snobbery.
Everyone Google's fgor all their answers now, that isn't just a programmer work flow. Are you trying to allege you don't Google for answers? Ok, guess you can keep being the cool guy at the library?
RE: And that is why you sanitize your text input
2/5/2013 5:52:12 PM
Code samples and collaboration on the 'net is normal. Sometimes it's simply a matter of asking the question "Is there a better way to do this because the way I'm trying to do it seems to be ineffecient?". Sometimes a few google searches will net you something you hadn't thought of, sometimes it will simply confirm that yea, there is no real good way to do it and you might need to accept the performance or go back further in the code and try to mitigate the performance hit sooner.
"Young lady, in this house we obey the laws of thermodynamics!" -- Homer Simpson
Quick Note: Apple Explains iPhone 5's Jimi Hendrix Effect
October 8, 2012, 9:54 PM
Apple CEO Tim Cook Apologizes for iOS 6 Maps Fiasco; Tells Customers to Use Bing, Google
September 28, 2012, 9:11 AM
Motorola Pokes Fun at Apple iOS 6 Users' Maps Misery
September 24, 2012, 1:00 PM
Apple Releases OS X 10.8 "Mountain Lion" for $20
July 25, 2012, 11:29 AM
Chinese Government Says Windows 8 is too Expensive, Will Cling to XP
April 23, 2014, 9:45 AM
Sony to Unleash Social SHAREfactory Feature in PS4 Update 1.70
April 17, 2014, 12:43 PM
With XP End of Life, Microsoft Asks Holdouts: How Badly Do You Want XP?
April 8, 2014, 8:00 PM
Windows 8.1 Update 1 is Now Available
April 8, 2014, 1:45 PM
NVIDIA Shield Gets April 2014 Update
April 7, 2014, 6:58 PM
Meet Microsoft's Metrofied Desktop Mode Start Menu
April 3, 2014, 7:23 PM
Most Popular Articles
A Bug's Life: Female Cave Bugs Have Penises, Penetrate Males for Three Days
April 17, 2014, 7:20 PM
HTC Hires Former Samsung Marketing Chief Who Developed "Galaxy" Brand
April 18, 2014, 6:00 PM
NASA Finds "Habitable Zone" Planet Sized Similar to Earth
April 18, 2014, 3:13 PM
Mounties Arrest 19-Year-Old Who Delayed Canada's Tax Filing w/ Heartbleed
April 17, 2014, 3:24 PM
Thanks to Government Crackdown, Chinese "Porn Cop" Has Watched 600K Adult Videos
April 21, 2014, 12:00 PM
Latest Blog Posts
Facebook Aims to Provide Internet to "Every Person in the World" with Drones, Satellites
Apr 1, 2014, 10:20 AM
Retail Mobile Sites Experience Outages in Light of Simplexity's Bankruptcy
Mar 14, 2014, 8:48 AM
Tesla vs. BMW: Who Has the Safer EV?
Feb 1, 2014, 2:56 PM
Justice Leaks Details of Next HTC One Two Flagship Phone
Dec 5, 2013, 4:04 PM
Global Cyber Espionage Concerns Reveal Growing Cyber Armies
Nov 29, 2013, 11:04 AM
More Blog Posts
Copyright 2014 DailyTech LLC. -
Terms, Conditions & Privacy Information