Poorly behaved app causing crashes and link problems for some iOS 9.x users
- Thread starter JournalBot
- Start date
Upvote
0
(18
/
-18)
Don't have ill will towards the Booking.com people. It's a bad coincidence that their recent app associations file update triggered this long existing iOS security bug.
And yes, it's a security bug because a third party app file shouldn't be able to kill iOS like this. While it's likely not an RCE vulnerability, it's definitely a denial of service.
Restoring will fix it if the uninstall voodoo doesn't, but that's a shotgun fix of last resort. After you fix it, you can reinstall the Booking.com app without issue as they fixed it server-side.
The convoluted voodoo fix has only been confirmed to work for two people. I was one. The issue is that it's a race to uninstall Booking.com before the swcd daemon starts being killed by Jetsam in a loop.
And yes, it's a security bug because a third party app file shouldn't be able to kill iOS like this. While it's likely not an RCE vulnerability, it's definitely a denial of service.
Restoring will fix it if the uninstall voodoo doesn't, but that's a shotgun fix of last resort. After you fix it, you can reinstall the Booking.com app without issue as they fixed it server-side.
The convoluted voodoo fix has only been confirmed to work for two people. I was one. The issue is that it's a race to uninstall Booking.com before the swcd daemon starts being killed by Jetsam in a loop.
Upvote
4
(31
/
-27)
I had an issue with 9.2.1 when I tapped on a hyperlink it would fail to open, but when I clicked on it again after a few seconds it would work. It only happened occasionally, and occurred on different sites.
Upvote
2
(3
/
-1)
Not surprised at all it's booking.com. They're hiring aggressively in South America and the horror stories about Perl spaghetti were enough to turn off most people that were initially interested. I guess they're still doing the old "why do something smart if you can also copy paste all your code and data around?"
Upvote
10
(20
/
-10)
[url=http://meincmagazine.com/civis/viewtopic.php?p=30905839#p30905839:2zboiecx said:
Yeah, to their credit they appear to have fixed their file in short order. Hopefully Apple can do the same.
Upvote
11
(17
/
-6)
[url=http://meincmagazine.com/civis/viewtopic.php?p=30905911#p30905911:9ej8oent said:
I uninstalled the app, rebooted and Safari is still broken for me…
Upvote
9
(10
/
-1)
[url=http://meincmagazine.com/civis/viewtopic.php?p=30905907#p30905907:9oetfzxh said:
The booking.com people seemed to have fixed it nearly immediately after they were contacted, at 1:30am PDT or so. I'm more worried (Responsible Disclosure) that I was the one that contacted them first.
The issue is that the broken swcd db data is stored in the keychain (not the iCloud Keychain part), which makes it nigh impossible for people to clear on non-jailbroken iOS devices.
Upvote
24
(25
/
-1)
I was having weird problems with Booking.com in Safari on Mac OS X a few months ago, where it would have extremely slow page-load times and beachball the app. I ended up switching to Chrome to use the site. I wonder if this was related...?
Upvote
-4
(2
/
-6)
[url=http://meincmagazine.com/civis/viewtopic.php?p=30905911#p30905911:17um6tjb said:
Only if you uninstall it while swcd is running properly. If it's in a crashing/dying loop, it will never get the uninstall notification and the bad data will remain.
If you can connect to the iOS device using Xcode or Apple Configurator, you can view the live console log and see if there's a relaunch cycle.
Upvote
41
(42
/
-1)
Disabling JavaScript really only enables Google search results again. The search results page does weird things to links with JavaScript that triggers swcd (the global link handler) that triggers a crash/freeze.
Even without JavaScript, long pressing links in MobileSafari will still result in a freeze. As will using the "Open in Safari" action on share sheets.
Upvote
11
(11
/
0)
I haven't had the installer work for me yet. Granted, I'm not sure I want to at the moment anyway. Mine keeps popping up telling me that I'm not connected to the internet. Yet, I can surf around with no issues.
Probably unrelated to the issue at hand, but I'm fine holding off for now. I might try rebooting in a couple days.
Probably unrelated to the issue at hand, but I'm fine holding off for now. I might try rebooting in a couple days.
Upvote
1
(1
/
0)
Ah, an unsuccessful defense of bad user input.
Little Bobby Tables claims another victim.
Little Bobby Tables claims another victim.
Upvote
9
(15
/
-6)
You probably downloaded the update before Apple pulled it for the activation issue. Go to Settings > General > Storage > Manage Storage to delete the update. Then check for updates again to get the fixed one.[url=http://meincmagazine.com/civis/viewtopic.php?p=30906035#p30906035:1n1e4523 said:
Upvote
8
(8
/
0)
Well, I do suffer from this bug on an iPhone 6 and both the cause and temporary fix do not really interest me at this point (work causes me to carry 2 phones, one of them an Android which has its own "perks" but it does browse reliably).
What does concern me is the amount of testing that apparantly goes into what is arguably the most used feature of a smartphone. The fact that the browser actually works reliably in a normal user environment.
Add to that the extensive issues with activations, for which they had to pull the entire 9.3 update for a short while and my trust in iOS updates is quickly declining.
Declining trust in OS updates is a major issue, especially when it is the only way to perform security patches on iOS, leaving users vulnerable for a longer time because they no longer want to be the guinea pig.
-edited to add consequence to my observation
What does concern me is the amount of testing that apparantly goes into what is arguably the most used feature of a smartphone. The fact that the browser actually works reliably in a normal user environment.
Add to that the extensive issues with activations, for which they had to pull the entire 9.3 update for a short while and my trust in iOS updates is quickly declining.
Declining trust in OS updates is a major issue, especially when it is the only way to perform security patches on iOS, leaving users vulnerable for a longer time because they no longer want to be the guinea pig.
-edited to add consequence to my observation
Upvote
-16
(8
/
-24)
[url=http://meincmagazine.com/civis/viewtopic.php?p=30905957#p30905957:2y5yd3f5 said:Rosyna[/url]":2y5yd3f5][url=http://meincmagazine.com/civis/viewtopic.php?p=30905911#p30905911:2y5yd3f5 said:
Only if you uninstall it while swcd is running properly. If it's in a crashing/dying loop, it will never get the uninstall notification and the bad data will remain.
If you can connect to the iOS device using Xcode or Apple Configurator, you can view the live console log and see if there's a relaunch cycle.
I'm frankly baffled that people keep downvoting you, since you seem to be filling in a lot of interesting and salient details.
Okay, I guess I'm not actually baffled since I've been on the receiving end myself of how people respond when you're listing factual information that isn't 100% fluff propaganda for what people have irrationally decided is their "side", but it's still kindof depressing.
Anyways, if I'm understanding you right, the problem is that the portion of the uninstall process that removes the association listings is unable to fulfill its task because the daemon it's meant to communicate with for this purpose is (because of this very problem) unresponsive? In that case does the update also have no effect for folks where the daemon is already in its crash loop?
Upvote
31
(35
/
-4)
[url=http://meincmagazine.com/civis/viewtopic.php?p=30906197#p30906197:16a33etw said:
They indicated via a DM on Twitter I was the first…
And I said Responsible Disclosure because I believe if someone finds a problem with software, they should tell the vendors before publicizing it.
Upvote
37
(37
/
0)
Can we take a moment to appreciate the fact that someone probably had to write those in.
Upvote
15
(16
/
-1)
[url=http://meincmagazine.com/civis/viewtopic.php?p=30906241#p30906241:3a1k2tfb said:
Plus, you've never seemed the type to make a statement w/out a way to back it up.
Upvote
9
(9
/
0)
[url=http://meincmagazine.com/civis/viewtopic.php?p=30906211#p30906211:1n9ppiik said:keithzg[/url]":1n9ppiik][url=http://meincmagazine.com/civis/viewtopic.php?p=30905957#p30905957:1n9ppiik said:Rosyna[/url]":1n9ppiik][url=http://meincmagazine.com/civis/viewtopic.php?p=30905911#p30905911:1n9ppiik said:
Only if you uninstall it while swcd is running properly. If it's in a crashing/dying loop, it will never get the uninstall notification and the bad data will remain.
If you can connect to the iOS device using Xcode or Apple Configurator, you can view the live console log and see if there's a relaunch cycle.
I'm frankly baffled that people keep downvoting you, since you seem to be filling in a lot of interesting and salient details.
Okay, I guess I'm not actually baffled since I've been on the receiving end myself of how people respond when you're listing factual information that isn't 100% fluff propaganda for what people have irrationally decided is their "side", but it's still kindof depressing.
Sometimes I think my hopeful cynicism/depression comes off as egomania.
Correct. swcd owns the Universal Links keychain item that needs modified on app uninstall.
The Universal Links documentation says the http://booking.com/apple-app-site-association is downloaded on on app install. Sadly, it never says how the data is updated or when iOS checks for association updates.
People have been trying to wait for timeouts for over 12 hours now with no luck. Some have even tried date changing to no avail.
Upvote
7
(8
/
-1)
As if to disabuse me of any ideas I might be entertaining of buying an iPhone... 
No, no, to be fair, this will be patched quickly. On a regular Android device, you'd be proper hosed, since the carriers would take somewhere between figurative and literal forever to put out the patch, assuming the manufacturer ever bothered to release one. :/
Still, it's nice to know you can just go in with a browser and edit a system file on rooted (and preferably unlocked) Android...tradeoffs, tradeoffs...
Edit: Not being able to turn this functionality off altogether is a major un-selling point.
No, no, to be fair, this will be patched quickly. On a regular Android device, you'd be proper hosed, since the carriers would take somewhere between figurative and literal forever to put out the patch, assuming the manufacturer ever bothered to release one. :/
Still, it's nice to know you can just go in with a browser and edit a system file on rooted (and preferably unlocked) Android...tradeoffs, tradeoffs...
Edit: Not being able to turn this functionality off altogether is a major un-selling point.
Upvote
-10
(7
/
-17)
I believe I've found a partial workaround: links seem to work in Safari's reader mode. Which is, unfortunately, not available on all pages. But it is available here on ars, which is how I found out.
And thanks to Rosyna for suggesting fixes and helping out with knowledge here and on Twitter!
And thanks to Rosyna for suggesting fixes and helping out with knowledge here and on Twitter!
Upvote
8
(8
/
0)
I feature I've always wished for in iOS is some form of user control over URL handling.
Not everyone uses Safari, or the other default apps.
Not everyone uses Safari, or the other default apps.
Upvote
-1
(2
/
-3)
Upvote
-16
(0
/
-16)
As well as safari it appears to be affecting other apps too like Apple News. Clicking a story in Proactive (swipe left on the home screen to access) seems to not respond. However links within Apple News work fine. I'm so confused.
Currently the only way to use safari is through Bing which surprisingly works.
Currently the only way to use safari is through Bing which surprisingly works.
Upvote
1
(1
/
0)
EDIT: my assumptions were wrong. Rosyna informed me this is not a WebKit issue, but rather an issue with iOS's handling of links, which would hit all well-written third-party browsers as well (if they did not include a "disable opening links in apps" setting, I assume).
Old and wrong comment:
This is made much worse (and highlights the problems brought about) by Apple's insistence that no other browser engine is allowed on iOS. Chrome and all the others are basically just skins around WebKit, and are thus also vulnerable to this defect.
To clarify: chrome suffers from the same disability to open links by tapping them on affected devices, because it is not allowed to use Google's own WebKit fork, Blink. However, they do something different for long-press events, so long-pressing on a link still allows one to open it in a new tab. Good to know, and thanks to Mazzic for pointing that out.
Old and wrong comment:
This is made much worse (and highlights the problems brought about) by Apple's insistence that no other browser engine is allowed on iOS. Chrome and all the others are basically just skins around WebKit, and are thus also vulnerable to this defect.
To clarify: chrome suffers from the same disability to open links by tapping them on affected devices, because it is not allowed to use Google's own WebKit fork, Blink. However, they do something different for long-press events, so long-pressing on a link still allows one to open it in a new tab. Good to know, and thanks to Mazzic for pointing that out.
Upvote
0
(6
/
-6)
[url=http://meincmagazine.com/civis/viewtopic.php?p=30907051#p30907051:2pk2si5p said:
Isn't that just 9.3 for older devices? I see no update (iTunes or on the phone), and haven't heard about it anywhere else.
Upvote
0
(0
/
0)
SWEET JEBUS I THOUGHT IT WAS JUST ME. All my friends weren't having this issue, and cursory googling didn't turn anything up yesterday.
I don't have Booking.com installed, so some other app(s) are doing it for sure.
I found Chrome allows you to still long-click and open in new tab, but Safari will lock and crash.
I don't have Booking.com installed, so some other app(s) are doing it for sure.
I found Chrome allows you to still long-click and open in new tab, but Safari will lock and crash.
Upvote
4
(5
/
-1)
[url=http://meincmagazine.com/civis/viewtopic.php?p=30905943#p30905943:2cxb7f5b said:
Booking.com isn't the only app with this problem. I don't have that app and I have the problem.
Upvote
1
(2
/
-1)
I do not have the app either and Facebook is the first place where I saw this happening. I would try to open links and the phone would sit there going "You clicked? What? You want me to do something? No content here, nope nope nope."
I have a bunch of news apps, and can attest having loaded AP News, NYT's condensed news app, Reuters, NPR, Washington Post, STL Today, BBC, CNN, Salon, and The Guardian at various times in the last few days. That's not in any particular order.
Other than those apps, I haven't used the Twitter app in a while, but I have used the Tumblr app and the Facebook app and the Messenger app.
Given what they do, I think one or more of those is the most likely culprit vs. other apps.
I have a bunch of news apps, and can attest having loaded AP News, NYT's condensed news app, Reuters, NPR, Washington Post, STL Today, BBC, CNN, Salon, and The Guardian at various times in the last few days. That's not in any particular order.
Other than those apps, I haven't used the Twitter app in a while, but I have used the Tumblr app and the Facebook app and the Messenger app.
Given what they do, I think one or more of those is the most likely culprit vs. other apps.
Upvote
2
(3
/
-1)
Make that three. After about 10 tries it also worked for me.
Interestingly, when following your voodoo fix guide with Xcode running, uninstalling the Booking.com app seemed to trigger a crash in swcd. A subsequent reinstall and uninstall of the app without reboot and without airplane mode then seemed to fix it. So yet, it really is voodoo.
Anyway: thanks for the solution, worked for me in the end!
Upvote
6
(6
/
0)
[url=http://meincmagazine.com/civis/viewtopic.php?p=30907477#p30907477:34gync6b said:
Which apps do you have installed? There are some Booking.com affiliate apps that would load Booking.com's associations without being named Booking.com. I believe one is called Agoda.
You can just rattle off the list of apps you have. I can manually check for the com.apple.developer.associated-domains entitlement entry returned from codesign as detailed in Checking the Entitlements of an .ipa file so long as I can download the app for free.
Upvote
2
(2
/
0)
[url=http://meincmagazine.com/civis/viewtopic.php?p=30907551#p30907551:1wmfqd6s said:
I'm not sure why you'd think it'd be one of those app. You don't have to use the app to have the problem, it just has to exist.
It is not the Twitter, CNN, Facebook, or Messenger apps. It is unlikely to be a news app. See my above instructions to Mazzicc, they apply here.
Upvote
1
(1
/
0)
[url=http://meincmagazine.com/civis/viewtopic.php?p=30907113#p30907113:2hra1x8p said:
It has absolutely nothing to do with WebKit. It's related to the ability to pass arbitrary URLs to iOS for processing. If it isn't being passed to iOS, like in the case of long pressing in Chrome, swcd doesn't get invoked so the issue doesn't appear.
Upvote
6
(6
/
0)
[url=http://meincmagazine.com/civis/viewtopic.php?p=30907861#p30907861:24rmvjoq said:
I've got easily over a hundred apps on my phone, trying to rattle off every one would take more effort than is worth it to me to just use open-in-new-tab in chrome for the time being. Thanks for offering to help though.
If someone starts putting together a list of the apps with this problem, I'd probably check it out and see if I have any, but for now, I'm just waiting for the fix from Apple.
Upvote
0
(0
/
0)
- Status