Vulnerability in WebKit Crashes and Restarts iPhones and iPads (zdnet.com)

← Back to Stories (view on slashdot.org)

Vulnerability in WebKit Crashes and Restarts iPhones and iPads (zdnet.com)

Posted by msmash on Sunday September 16, 2018 @11:10AM from the you-have-been-warned dept.

Catalin Cimpanu, writing for ZDNet: A security researcher has discovered a vulnerability in the WebKit rendering engine used by Safari that crashes and restarts the iOS devices -- iPhones and iPads. The vulnerability can be exploited by loading an HTML page that uses specially crafted CSS code. The CSS code isn't very complex and tries to apply a CSS effect known as backdrop-filter to a series of nested page segments (DIVs). Backdrop-filter is a relative new CSS property and works by blurring or color shifting to the area behind an element. This is a heavy processing task, and some software engineers and web developers have speculated that the rendering of this effect takes a toll on iOS' graphics processing library, eventually leading to a crash of the mobile OS altogether.

4 of 57 comments (clear)

Min score:

Reason:

Sort:

Really? by grep+-v+'.*'+* · 2018-09-16 12:01 · Score: 2, Insightful

apply a CSS effect known as backdrop-filter

Just display the text. DISPLAY. THE. TEXT. That's all I want in a browser (well, accepting forms too I suppose, that is fairly handy.)

Movement and special effects and such are for movies. If I wanted blurry text I'd take off my glasses.

--
If the universe is someone's simulation -- does that mean the stars are just stuck pixels?
1. Re:Really? by Gr8Apes · 2018-09-16 12:11 · Score: 3, Insightful
  
  The entire HTML/CSS rendering concept is flawed from the get-go, with piss poor standardization and failure to maintain boundaries within graphical elements. It's effectively a pinup board with no boundaries and no real rules on rendering. But it's Agile! ;)
  
  --
  The cesspool just got a check and balance.
2. Re:Really? by CanadianMacFan · 2018-09-16 12:49 · Score: 4, Insightful
  
  It's not the developers. It's the designers who f*cking think that their site should look the same on every browser and every computer no matter what. They were the idiots that used to think that because your screen had n pixels in width then their website could be n pixels wide too. I mean, everybody has their browser maximized right?!?!? They also think that everyone has a high-speed connection to download unoptimized graphic files.
  It's HTML, it's going to look slightly different on different browsers and different platforms. Live with it. If it really needs to look the same then make a PDF to download.
3. Re:Really? by thegarbz · 2018-09-16 20:28 · Score: 3, Insightful
  
  Just display the text.
  
  1990 called, they want their HTML 1.0 back.
  
  That's all I want in a browser
  
  Use Lynx, and leave the rest of us alone.