Sending a single link can cause anyone’s smartphone to crash

Sending a single link can cause anyone’s smartphone to crash
Credit: Owen Williams / TNW

There’s a link doing the rounds on social media today that can crash almost any smartphone, just by opening it in your browser.

The aptly named crashsafari.com [this will crash your browser — even Chrome] does what it says on the box — it crashes the browser by writing thousands of characters in the address bar every second, exhausting memory.

Another conference. “Great.”

This one’s different, trust us. Our new event for New York is focused on quality, not quantity.

The attack is just four lines of code, and can cause an iPhone or Android phone to crash both Safari or Chrome, or reboot the entire phone itself. It even works against some desktop browsers, depending on how much RAM and CPU the machine has available.

Screen Shot 2016-01-25 at 3.25.10 PM

It leverages HTML5’s history.pushState, a JavaScript function used by many single page applications to update the address bar, even though the underlying page being viewed doesn’t change.

People are sending the link around on social media disguised by a short URL, to trick others into opening it and cause them to be unable to open their browsers until a reboot is completed.

The bug isn’t exactly malicious — it doesn’t break anything and can be easily rectified, but it is annoying. It’s in the same vein as the ‘effective power’ iPhone bug that allowed users to send a message to friends that would prevent the Messages app from launching.

crashsafari.com [via The Guardian]

Read next: Casey Neistat snowboards with the NYPD and goes viral… again

Shh. Here's some distraction

Comments