Slashdot Mirror

← Back to Stories (view on slashdot.org)

App Store Bug Corrupts Binaries; Angry Birds Crash

Posted by timothy on from the now-they're-really-angry dept.

First time accepted submitter bargainsale writes "Many recent updates from Apple's App store are crashing immediately, including Instapaper. Instapaper's creator, Marco Arment, thinks this is due to corrupt binaries being distributed. As Angry Birds Space is among those affected, there is some hope that Apple may acknowledge the problem and fix it ..."

28 of 116 comments (clear)

  1. This. by kiriath · · Score: 5, Funny

    This is going to RUIN my workday =\ How can I work without my Angry Birds?

    1. Re:This. by thrillseeker · · Score: 3, Insightful

      They'll get right on this engineering effort as soon as they finish their litigation efforts.

  2. Another Apple first by GameboyRMH · · Score: 5, Funny

    iOS - the first operating system with package management that doesn't run hash-checks on installer packages to check for corruption. That's right, Apple did it first!

    --
    "When information is power, privacy is freedom" - Jah-Wren Ryel
    1. Re:Another Apple first by kthreadd · · Score: 3, Informative

      App Store is not a package manager, it's an application distribution system.

    2. Re:Another Apple first by marcello_dl · · Score: 3, Insightful

      It doesn't follow. The binary might be corrupted before being hashed.

      You don't need technical reasons to bash Apple, even if their product were technically impeccable, you have too little control over them.

      --
      ---- MISSING MISCELLANEOUS DATA SEGMENT --- [sigdash] trolololol
    3. Re:Another Apple first by samkass · · Score: 4, Interesting

      iOS - the first operating system with package management that doesn't run hash-checks on installer packages to check for corruption. That's right, Apple did it first!

      That's the weird thing, though... Apple not only DOES check it, they require the developer to cryptographically sign the entire package with keys they provide, and apps won't run unless it matches. There should be nothing in between that could modify code without tripping that up.

      --
      E pluribus unum
    4. Re:Another Apple first by GameboyRMH · · Score: 2

      Huh, then you have to wonder whether the signature process failed or the hash process failed...if the signature process failed and the App Store not only passed incorrectly signed apps onto devices but allowed them to be installed, that's a security vulnerability.

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
    5. Re:Another Apple first by h4rr4r · · Score: 2, Insightful

      So then they did not test it after building it?

      Dev sends app and hash to apple. Apple distributes and has end devices check hash at install time, if hash no match download again.

      Exactly where does this problem slip in without anyone noticing?

    6. Re:Another Apple first by tlhIngan · · Score: 4, Insightful

      Huh, then you have to wonder whether the signature process failed or the hash process failed...if the signature process failed and the App Store not only passed incorrectly signed apps onto devices but allowed them to be installed, that's a security vulnerability.

      I'd suspect something a bit more innoculous.- like data center storage corruption.

      iOS apps are encrypted - or rather, parts of them are. The executable has portions of its code and data segments encrypted, and the list of encrypted parts and the decryption key are then encrypted with the user's Apple ID key. That key is transferred to the device so that iOS can decrypt the binary encryptoin key and the list of encrypted segments (there aren't any headers).

      The reason apps can crash would include either the encryption table is blank and iOS decrypts the binary incorrectly (probable cause - disk full) thus causing corrupt code and data to be executed, or perhaps everything IS encrypted properly, but the binary is corrupt.

      The former would be erratic - some people would find it works correctly, others not, and it wouldn't matter if updates happened because it would occur on any download. The latter would mean the storage system has failed and thus during the DRM process, it's DRM'ing corrupt binaries.

      Since it's specific binaries that do this, perhaps some of Apple's massive storage servers have failed catastrophically. (they use iSilon/EMC storage servers at their NC datacenter I believe). And also why re-uploaded versions of same work - they were put on more stable storage.

      FYI - the way pirated apps work is they run the app, then use GDB to halt execution. Then they use GDB to dump the running image back out to get the decrypted version which then replaces the encrypted chunks with the decrypted versions.

      I would also guess that Apple's "fixing it" because I kept running into issues downloading ("This application is not currently available").

  3. Need a good way to revert to previous version by Terry+Pearson · · Score: 2

    This is why Apple and Android need a good way for you to easily revert to a previous version.

  4. Sent from my mortuary temple: by fuzzyfuzzyfungus · · Score: 4, Funny

    You're coding it wrong.

    -Steve

    1. Re:Sent from my mortuary temple: by GameboyRMH · · Score: 3, Funny

      Liar! He'd say something like "Just try not installing it in that way."

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
    2. Re:Sent from my mortuary temple: by fuzzyfuzzyfungus · · Score: 3, Insightful

      Are you seriously suggesting that Steve would approve of there being ways other than the One True Way to install things on an iPhone?

      That sounds dangerously close to jailbreaker talk...

    3. Re:Sent from my mortuary temple: by drinkypoo · · Score: 3, Funny

      Are you seriously suggesting that Steve would approve of there being ways other than the One True Way to install things on an iPhone?

      I think you misunderstand... he would say you're touching the screen wrong. You have to caress it, not just jab at it. I swear, some people.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  5. App-arently fixed by k(wi)r(kipedia) · · Score: 5, Informative
    From the linked blog by app author Marco Arment:

    I emailed App Review less than an hour after the update went live and yelled about it on Twitter. About two hours after the update went live, a correct, functional version of it started being distributed on reinstalls. As far as I know, the problem hasn't recurred since then.

    I haven't yet received a response from App Review, so I don't know whether the fix was because I made noise, or simply because time passed, which may, for instance, expire a cache with the bad data.

    He now just wants Apple to acknowledge that there was a problem.

  6. Flamebait submission much? by 93+Escort+Wagon · · Score: 4, Insightful

    Seriously, updated/fixed Instagram downloads were available within a few hours. Having read various issue reports - this only affects certain apps and apparently only for certain users in certain regions - just how fast is the submitter expecting an official response? How fast would the submitter offer up an official statement if his software exhibited a bug under similar circumstances?

    --
    #DeleteChrome
  7. What's the difference? by tepples · · Score: 2

    App Store is not a package manager, it's an application distribution system.

    I'm not seeing the difference. Applications come in packages, and a distribution system manages them. A claim of the form "X is not A; it's B" is easier to understand if you explain what essential difference you see between A and B. Otherwise, I call fallacy.

    1. Re:What's the difference? by Anonymous Coward · · Score: 5, Funny

      Simple: package managers are for filthy Linux users. No cool, hip Apple connoisseur would want to be associated with these social outcasts.

      If you think I am joking you're only half right. Remember the outrage when Instagram came out on that disgusting Android thingy. Good times :D

    2. Re:What's the difference? by Gr8Apes · · Score: 2

      App Store is not a package manager, it's an application distribution system.

      I'm not seeing the difference. Applications come in packages, and a distribution system manages them. A claim of the form "X is not A; it's B" is easier to understand if you explain what essential difference you see between A and B. Otherwise, I call fallacy.

      I guess it would be easier to state that while application are packages, packages are not necessarily applications. So a package manager might be an application distribution system, but an application distribution system is not a package manager. In simpler terms - an application distribution system incorporates a very specific set of functionality, removing several aspects of a general package management system, including things like dependency hierarchies which can cause problems cross-applications, especially regarding versioning, thus avoiding several potential problem areas by only deploying a self-contained application. (Just IMHO)

      --
      The cesspool just got a check and balance.
  8. If the publisher makes the last good apk available by tepples · · Score: 5, Informative

    This is why Apple and Android need a good way for you to easily revert to a previous version.

    Android already has this. Mainstream Android devices support distribution of application packages (.apk) on the application publisher's web site.

    (And no, you don't need a hosts file to get this APK.)

  9. ftp problem by Viol8 · · Score: 2

    Someone at Apple forgot to type "bin" at the prompt before they uploaded the binaries :o)

  10. Apple? by MAXOMENOS · · Score: 4, Insightful

    As Angry Birds Space is among those affected, there is some hope that Apple may acknowledge the problem and fix it

    Fix it, maybe. Acknowledge it? Not bloody likely.

    --
    Finding God in a Dog
  11. Apple is finally finally DOOMED by alen · · Score: 4, Funny

    this did it i upgraded all of my wife's 50 some apps because she never does it and i'm waiting for her to call that she can't play angry birds. she's finally going to go android.

    oh wait, she can't call because the phone app won't work. I'M SAVED

    1. Re:Apple is finally finally DOOMED by game+kid · · Score: 3, Funny

      Just never ever see her again (lest she complain to your face about the non-working phone) and Mission Accomplished!

      --
      You can hold down the "B" button for continuous firing.
  12. Re:Oh Noez.. by Higgs+Bosun · · Score: 5, Funny

    Angry Birds crashing users' iPhones? Must be from the Russian app store, it's normally the user that crashes Angry Birds into things.

  13. They are supposed to crash. by 140Mandak262Jamuna · · Score: 4, Insightful

    What is the issue here? Aren't angry birds supposed to crash? You are supposed to pull the catapult and release it and the angry birds crash into structures built by pigs and destroy them. Don't get upset, there is a never ending supply of angry birds. So what is the problem here?

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
  14. Re:If the publisher makes the last good apk availa by drinkypoo · · Score: 2

    any management dildo that can use marketingSpeak like "daycycle" needs to shove his blackberry up his ass.

    Not a big reader of Science Fiction, are you? I'm gonna go out on a limb and guess that you're not a big reader in general, though.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  15. Happened to us by BadPirate · · Score: 3, Informative

    This happened to our product last week. The issue seemed to be that most users who tried to download the application were instead getting the old version (despite app store thinking the product was updated)... You could see this if you pulled the binary off the device and looked into the binary size / info.plist (all the information matched).

    There were 2 work arounds we discovered:

    1. Users could fix their individual application (If they're app is crashing immediately), by deleting the app, and redownloading it from iCloud (go into purchase history to find the application and download it from there, NOT the app front page).

    2. Apple worked for a while on our issue but didn't come up with a resolution, instead we were able to get it back into operation by "Hitting the reset button" -- First, remove the app from sale in the store (set the available regions to none), wait until that propagates (could take a few hours) then, put it back. This fixed our issue. Hopefully now that more people are reporting this issue Apple will actually take the time to fix it.

    --
    - Holy crap, I've got MOD points! Who thought that was a good idea.