[shifuimam]

rdar://13128709: OSX apps (TextEdit) crashing in spell-checker (I think).

This hit Slashdot today. The text "File:///" without quotes will crash just about every single application in 10.8 except for Terminal. When the app crashes, if you try to view the crashlog information, Console crashes because of the text.

So what you really need to do here is email someone you hate with that text, and it'll crash their mail client.

Verified on bf's MBP - opening a file containing the above text will crash the application. It's not just when you input that text.

[lpkmckenna]

This is pretty hilarious. I just tried it with TextEdit and Safari, and yep, it works as described. Crashes Spotlight too, but not the search field in Launchpad. (Not that anyone uses Launchpad.

Apparently, any app that using the system-wide spellcheck will crash from this bug.

[Spheric Harlot]

That's pretty damn funny.

Not dramatic, but funny.

[shifuimam]

The bug is in Data Detectors, which is an OS-level "feature" that monitors text input and output for things that can be interacted with, like calendar events, phone numbers, email addresses, and URIs. file:/// (case-insensitive, btw) is the URI for accessing content on the local machine. It works in every OS, AFAIK. If you typed something like file:///System into TextEdit, Data Detectors would see that as a URI and convert it into a link. Clicking it would open your System folder. The problem is, the data detector for this particular URI is enforcing case sensitivity, and anything that isn't all lowercase is causing the Data Detector subsystem to crash the application that's trying to use it.

The bigger question is why Data Detectors is system-wide by default, and why there isn't a clear way to disable it. It doesn't work on password fields, but it does work everywhere else. For instance, it's monitoring what you type into Facebook - or even a local text document containing something private. A system-wide process that monitors text input like this is a gold mine for hackers. If it can be hooked, it would be possible for a data mining virus to intercept everything being monitored and use that information for nefarious purposes.

You might think this is a stretch, but this is the kind of stuff that coders on the dark side look for.

[Spheric Harlot]

Causing the service or application to crash is not a security issue, and it most certainly is NOT a "goldmine for hackers", unless this bug causes an overflow that executes any additional code entered after the crash-causing string.

It is annoying and can be maliciously used to cause data loss, but a security problem it is not.

Unless you're talking about the service itself in a general sense. But that applies to ANY system service, and those all require an exploit first, before ANYTHING can happen.

If somebody manages to access your system to the point that he can run a virus that can read data detectors, then the data detector service is completely irrelevant already.

[mduell]

Originally Posted by shifuimam 

For instance, it's monitoring what you type into Facebook - or even a local text document containing something private. A system-wide process that monitors text input like this is a gold mine for hackers. If it can be hooked, it would be possible for a data mining virus to intercept everything being monitored and use that information for nefarious purposes.

Originally Posted by Spheric Harlot 

Causing the service or application to crash is not a security issue, and it most certainly is NOT a "goldmine for hackers", unless this bug causes an overflow that executes any additional code entered after the crash-causing string.

He didn't say the crash is a goldmine for hackers. He said the ability to monitor what's typed in any application is the goldmine.

[Spheric Harlot]

SHE.

And I figured that that might have been what she meant, which is why the entire second half of my post addresses that point.

[Waragainstsleep]

It doesn't crash Pages.

Its fun to send someone an iMessage with that text. If you don't delete the conversation, Messages crashes every time.

[P]

Originally Posted by Waragainstsleep 

It doesn't crash Pages.

Its fun to send someone an iMessage with that text. If you don't delete the conversation, Messages crashes every time.

That is Denial of Service, which is at least remotely problematic. The rest is just an amusing little bug.

[shifuimam]

I'm not saying such an exploit is probable or even sort of likely. It's more the idea that the OS is monitoring things that closely and there's no way to disable it.

Apple's got a pretty bad habit doing this kind of stuff with both OS X and iOS. I just prefer to know what my OS is doing when it comes to monitoring, phoning home, etc. - and more importantly, the option to disable those kinds of "features" is paramount.

[FireWire]

Apple Data Detector has been around since at least MacOS 8 and I find it really useful! I don't think it's a huge security problem as if your system is compromised, there could be a keylogger that records all your activities already, and the same could be said about system-wide spell checking, which is now mainstream.

[Chito]

I tried it with Word 2011 and it didn't crash.

[Thinine]

Originally Posted by FireWire 

Apple Data Detector has been around since at least MacOS 8 and I find it really useful! I don't think it's a huge security problem as if your system is compromised, there could be a keylogger that records all your activities already, and the same could be said about system-wide spell checking, which is now mainstream.

Data Detectors are a completely new technology created for iOS and ported to OS X in Lion.

Hopefully we'll see this fixed in 10.8.3.

[turtle777]

Originally Posted by Chito 

I tried it with Word 2011 and it didn't crash.

I"m sure this is going to be fixed soon.

Oh, wait, nevermind

-t

[FireWire]

Originally Posted by Thinine 

Data Detectors are a completely new technology created for iOS and ported to OS X in Lion.

Hopefully we'll see this fixed in 10.8.3.

Really? then what's that?






I clearly remember using this technology way before OS X came out.. http://en.wikipedia.org/wiki/Advanced_Technology_Group

The Advanced Technology Group (ATG) was a corporate research laboratory at Apple Computer from 1986 to 1997. [...]

Apple's ATG was the birthplace of Color QuickDraw, QuickTime, QuickTime VR, QuickDraw 3D, QuickRing, 3DMF the 3D metafile graphics format, ColorSync, HyperCard, Apple events, AppleScript, Apple's PlainTalk speech recognition software, Apple Data Detectors, the V-Twin software for indexing, storing, and searching text documents, Macintalk Pro Speech Synthesis, the Newton handwriting recognizer,[4] the component software technology leading to OpenDoc, MCF, HotSauce, Squeak, and the children's programming environment Cocoa (a trademark Apple later reused for its otherwise unrelated Cocoa application frameworks).

[P]

I was just about to say. Data Detectors were a part of Mac OS 8, and there was something called Internet Address Detectors that you could download that would enhance them. I think everyone played with them for two days and then forgot they were ever there.

[shifuimam]

The base technology has been around for awhile. 10.8 is the first OS where it has been integrated into the system at this level. It was previously only present in certain Apple-published software and third party devs who chose to use it.

The bug doesn't work in Word, but it does work in Outlook. Curious...

[Thinine]

I'd be verrry surprised if they used the same code. But I never saw that in OS 8+.

[P]

Apple has reused a lot of code from the old Mac OS in OS X. Given that they use the same name, and it's not a flashy marketing name, I think it's the same code.

Googling this, it appears that the Data Detectors in the default install on OS 8 only worked on applications that supported contextual menus anyway, but if you installed the optional IAD, you got universal support in the same download.