Incident: WhatsApp and iOS Text Bomb Incident: System Freeze via Messages

Published Date: 2018-05-08

Postmortem Analysis
Timeline:
1. The software failure incident of the WhatsApp 'text bomb' causing iOS and Android handsets to freeze happened in May 2018. [Article 71185]

System:
1. WhatsApp for iOS and Android handsets [71185]
2. iOS Springboard system app for Apple iPhones, iPads, and Macs [71185]

Responsible Organization:
1. Individuals spreading the 'text bomb' messages via WhatsApp as a prank [71185]
2. Unknown hackers or individuals responsible for creating the code powering the text bomb messages [71185]

Impacted Organization:
1. WhatsApp users on iOS and Android handsets were impacted by the software failure incident involving the 'text bomb' messages that caused their devices to freeze [71185].

Software Causes:
1. The software cause of the failure incident in Article 71185 was a 'text bomb' containing malicious code that overloaded the operating system with tens of thousands of text characters, causing WhatsApp to freeze and potentially crashing the entire operating system [71185].

Non-software Causes:
1. The text bomb incident was caused by malicious messages being spread by friends as a prank to deliberately crash phones [71185].
2. The incident involving the Telugu language character crashing Apple devices was caused by a single character from a language used in India [71185].

Impacts:
1. The software failure incident involving the WhatsApp 'text bomb' caused iOS and Android handsets to freeze when specific messages were clicked on, leading to the devices becoming unresponsive and requiring a reboot [71185].
2. Users who fell victim to the 'text bomb' experienced their whole system process getting stuck, necessitating a restart of their phones to resolve the issue [71185].
3. The incident disrupted the normal functioning of WhatsApp, causing the app to freeze and display a warning message stating that it was not responding, potentially leading to the entire operating system crashing [71185].
4. The software failure incident with the Telugu language character on Apple devices resulted in iOS Springboard crashing, rendering iMessages inaccessible and forcing affected users to reset their iOS or Android devices [71185].
5. The Telugu language character bug affected popular messaging apps like WhatsApp, Facebook Messenger, Outlook for iOS, and Gmail, cutting off access to these platforms until the issue was resolved through software updates [71185].

Preventions:
1. Implementing input validation and sanitization techniques to filter out malicious or unexpected characters in messages could have prevented the software failure incident [71185].
2. Conducting thorough code reviews and testing to identify and address vulnerabilities related to handling special characters or unexpected inputs could have helped prevent the crash caused by the 'text bomb' [71185].
3. Regularly updating and patching the software to address known vulnerabilities and bugs could have mitigated the risk of such software failure incidents [71185].

Fixes:
1. WhatsApp is likely to issue a software patch fixing the text bomb problem in the near future [71185].
2. Software updates are believed to have fixed the Telugu language character bug that crashes Apple devices [71185].

References:
1. Neowin
2. Reddit
3. Pastebin
4. Researchers
5. Apple (for the Telugu language character bug) [71185]

Software Taxonomy of Faults

Category: Recurring
Option: one_organization, multiple_organization
Rationale:
(a) The software failure incident related to a 'text bomb' causing WhatsApp to freeze has happened again within the same organization. In the past, WhatsApp has faced similar issues with text bombs that can crash the app or even the entire device. For example, in the reported incident, a text bomb containing a black dot or specific text caused WhatsApp to freeze [71185]. This indicates a recurring vulnerability in WhatsApp's software that allows for such text bombs to disrupt the app's functionality.
(b) The software failure incident involving a 'text bomb' causing devices to crash has also occurred at other organizations. In a separate incident, a bug was discovered that sent Apple iPhones, iPads, and Macs into a frenzy due to a single character from a language used in India. This bug overloaded systems with hidden text characters, leading to crashes and the need for device resets. The glitch affected Apple gadgets running iOS 11.2.5 or macOS, disabling access to iMessages and other apps like WhatsApp, Facebook Messenger, Outlook for iOS, and Gmail [71185]. This demonstrates that similar software vulnerabilities can impact multiple organizations and their products/services.

Category: Phase (Design/Operation)
Option: design, operation
Rationale:
(a) The software failure incident related to the design phase:
- The incident involving the WhatsApp 'text bomb' causing iOS and Android handsets to freeze was due to a specific code hidden in messages that overloaded the operating system with tens of thousands of text characters, leading to the app freezing or the entire operating system crashing [71185].
(b) The software failure incident related to the operation phase:
- The incident involving the Telugu language character crashing Apple iPhones, iPads, and Macs was triggered by opening a message containing the character, which overloaded systems with hidden text characters, causing the devices to crash and disabling access to iMessages [71185].

Category: Boundary (Internal/External)
Option: within_system, outside_system
Rationale:
(a) within_system: The software failure incident involving the 'text bomb' on WhatsApp and the bug affecting Apple devices can be categorized as within_system failures. These incidents were caused by specific malicious code or characters hidden within messages that overloaded the operating systems of the devices, leading to crashes and freezes [71185]. The issues originated from the content of the messages themselves, which exploited vulnerabilities within the software systems of WhatsApp and Apple devices.
(b) outside_system: The incidents also involved elements of outside_system failures as the malicious messages containing the 'text bomb' and the Telugu language character were spread externally via platforms like Pastebin and messaging apps [71185]. The distribution of these harmful messages from external sources contributed to the software failures experienced by users of WhatsApp and Apple devices.

Category: Nature (Human/Non-human)
Option: non-human_actions
Rationale:
(a) The software failure incident occurring due to non-human actions: The software failure incidents reported in the articles are primarily due to non-human actions. In the case of the WhatsApp 'text bomb', the issue is caused by specially crafted messages containing hidden code that overloads the operating system with tens of thousands of text characters, leading to freezing and crashing of the app and sometimes the entire device [71185].
(b) The software failure incident occurring due to human actions: The failure in these incidents is not directly attributed to human actions but rather to the malicious intent of individuals spreading the 'text bomb' messages as pranks. The messages containing the code to crash WhatsApp are being circulated by friends to deliberately crash the phones of their contacts, but the actual coding and execution of the attack are automated and do not involve direct human actions during the failure occurrence [71185].

Category: Dimension (Hardware/Software)
Option: software
Rationale:
(a) The software failure incident occurring due to hardware:
- The incident reported in the articles is not attributed to hardware issues but rather to software vulnerabilities and bugs. The text bombs causing WhatsApp to freeze and the Telugu language character crashing iOS devices are all related to software flaws and not hardware issues [71185].
(b) The software failure incident occurring due to software:
- The software failure incidents reported in the articles are primarily due to software vulnerabilities and bugs. For example, the text bombs circulating on WhatsApp causing devices to freeze are a result of specially crafted messages with hidden code that overloads the operating system [71185]. Similarly, the Telugu language character causing iOS devices to crash is a software issue that overloads systems with hidden text characters, leading to crashes and the need for system reboots [71185].

Category: Objective (Malicious/Non-malicious)
Option: malicious
Rationale:
(a) The software failure incident described in the articles is malicious in nature. The incident involves the spreading of a 'text bomb' through WhatsApp messages that can cause iOS and Android handsets to freeze. The text bomb is being circulated as a prank by friends to deliberately crash their contacts' phones. The code powering the messages is shared online, allowing anyone to copy and paste it to spread the malicious messages. Clicking on specific elements within the messages, such as a black dot or a 'read more' link, triggers the crash, leading to the freezing of the devices. The incident is intentional and aimed at causing disruption and inconvenience to the recipients of the messages. [Article 71185]

Category: Intent (Poor/Accidental Decisions)
Option: unknown
Rationale:
(a) The intent of the software failure incident: The software failure incident involving the 'text bomb' on WhatsApp was intentional and malicious. The text bomb was designed to cause iOS and Android handsets to freeze when specific messages were clicked on or interacted with. The messages containing the text bomb were being spread as pranks by individuals to deliberately crash the phones of their WhatsApp contacts [71185].

Category: Capability (Incompetence/Accidental)
Option: development_incompetence
Rationale:
(a) The software failure incident related to development incompetence is evident in the article discussing the WhatsApp 'text bomb' that can cause iOS and Android handsets to freeze. The incident was caused by specially crafted messages containing hidden code that overloads the operating system with tens of thousands of text characters, leading to WhatsApp freezing and potentially crashing the entire operating system. This issue was exploited by individuals sharing the code online, allowing anyone to copy and paste it to spread the text bomb via WhatsApp [71185].
(b) The software failure incident related to accidental factors is seen in the article about a bug discovered in February that crashes Apple iPhones, iPads, and Macs when a message containing a specific character from the Telugu language is opened. This bug was not intentionally created but rather stemmed from the character overloading systems with hidden text characters, causing affected devices to crash and users to reset their iOS or Android devices. The bug affected various messaging apps and required users to receive a new message to break the crash loop caused by the malicious character [71185].

Category: Duration
Option: temporary
Rationale:
(a) The software failure incident related to the WhatsApp 'text bomb' causing devices to freeze is temporary. Users affected by the text bomb can reboot their devices to resolve the issue. The incident is caused by specific messages containing hidden code that overloads the operating system, leading to the freezing of WhatsApp and potentially the entire device. Rebooting the device is mentioned as a solution to address the crash caused by the text bomb. The incident is not permanent as it does not seem to cause any permanent damage to the devices [71185].
(b) The software failure incident related to the Telugu language character crashing Apple devices is also temporary. The bug caused by the Telugu character overloads the system with hidden text characters, leading to crashes on iOS and macOS devices. Users affected by this bug had to reset their devices to escape the endless loop of crashes caused by the character. The incident is temporary as it can be resolved by updating the software to fix the problem [71185].

Category: Behaviour
Option: crash, other
Rationale:
(a) crash: The software failure incident described in the articles involves a crash. Specifically, the text bomb sent via WhatsApp messages can cause the app to freeze, leading to the entire operating system crashing and requiring a reboot [71185].
(b) omission: There is no specific mention of the software failure incident being related to omission in the articles.
(c) timing: The incident does not relate to timing issues where the system performs its intended functions but at the wrong time.
(d) value: The software failure incident does not involve the system performing its intended functions incorrectly.
(e) byzantine: The incident does not involve the system behaving erroneously with inconsistent responses and interactions.
(f) other: The behavior of the software failure incident is primarily characterized by causing a crash in the system when specific messages are received on WhatsApp, leading to freezing and potential device reboot [71185].

IoT System Layer

Layer Option Rationale
Perception None None
Communication None None
Application None None

Other Details

Category: Consequence
Option: theoretical_consequence, unknown
Rationale:
(a) unknown
(b) unknown
(c) unknown
(d) unknown
(e) unknown
(f) unknown
(g) no_consequence
(h) theoretical_consequence
(i) The software failure incidents described in the articles did not result in any real observed consequences such as death, harm, impact on basic needs, property loss, or delays. The consequences discussed were more theoretical in nature, such as the potential for the software failures to cause devices to freeze, crash, or require reboots.

Category: Domain
Option: information
Rationale:
(a) The software failure incident reported in the articles is related to the information industry, specifically affecting messaging apps like WhatsApp and iMessages [71185].
