For those who came in late, Apple is seeing shrinking worldwide markets as the market for those with more money than sense starts to dry up. China was seen as a major way of keeping its cash cow still alive and Apple did not want to upset the Chinese government and earn itself a ban from the country. It agreed to censor its apps and set its brightest software minds to work out a way that this could be done. You are probably guessing what happened next.
Security researcher Patrick Wardle announed that he had been helping Apple fix a bug that would crash apps displaying the word "Taiwan" or the Taiwanese flag emoji. Some iPhones could be remotely crashed by something as simple as receiving a text message with the Taiwanese flag. Apple confirmed the fix in a security update Monday. Wired reports:
"Basically Apple added some code to iOS with the goal that phones in China wouldn't display a Taiwanese flag", Wardle said, "and there was a bug in that code". Since at least early 2017, iOS has included that Chinese censorship function.
Switch your iPhone's location setting to China, and the Taiwanese flag emoji essentially disappears from your phone, evaporating from its library of emojis and appearing as a "missing" emoji in any text that appears on the screen. That code likely represents a favour from Apple to the Chinese government, which for the last 70 years has maintained that Taiwan is a part of China and has no legitimate independent government.
Wardle found that in some edge cases, a bug in the Taiwan-censorship code meant that instead of treating the Taiwan emoji as missing from the phone's library, it instead considered it an invalid input. That caused phones to crash altogether, resulting in what hackers call a "denial of service" attack that would let anyone crash a vulnerable device on command. Wardle's still not sure how many devices are affected, or what caused that bug to be triggered only in some iOS devices and not others, but he believes it has something to do with the phone's location and language settings.
Wardle has more details of the bug on his blog.