Forgot your password?
typodupeerror
Bug IOS Software Apple

App Store Bug Corrupts Binaries; Angry Birds Crash 116

Posted by timothy
from the now-they're-really-angry dept.
First time accepted submitter bargainsale writes "Many recent updates from Apple's App store are crashing immediately, including Instapaper. Instapaper's creator, Marco Arment, thinks this is due to corrupt binaries being distributed. As Angry Birds Space is among those affected, there is some hope that Apple may acknowledge the problem and fix it ..."
This discussion has been archived. No new comments can be posted.

App Store Bug Corrupts Binaries; Angry Birds Crash

Comments Filter:
  • This. (Score:5, Funny)

    by kiriath (2670145) on Thursday July 05, 2012 @10:51AM (#40551605)
    This is going to RUIN my workday =\ How can I work without my Angry Birds?
    • by synapse7 (1075571)
      Are you sure this isn't a feature working as intended?
    • by Thanshin (1188877)

      Time to move to a more interesting game you can also play in your phone.

      Have you ever played go [google.com]?

      (disclaimer: I have nothing to do with the game nor the server creators).

    • Re:This. (Score:4, Insightful)

      by thrillseeker (518224) on Thursday July 05, 2012 @11:20AM (#40551991)
      They'll get right on this engineering effort as soon as they finish their litigation efforts.
  • by GameboyRMH (1153867) <gameboyrmh@@@gmail...com> on Thursday July 05, 2012 @10:54AM (#40551629) Journal

    iOS - the first operating system with package management that doesn't run hash-checks on installer packages to check for corruption. That's right, Apple did it first!

    • by kthreadd (1558445) on Thursday July 05, 2012 @11:00AM (#40551711)
      App Store is not a package manager, it's an application distribution system.
      • App Store is not a package manager, it's an application distribution system.

        I'm not seeing the difference. Applications come in packages, and a distribution system manages them. A claim of the form "X is not A; it's B" is easier to understand if you explain what essential difference you see between A and B. Otherwise, I call fallacy [logicallyfallacious.com].

        • by Anonymous Coward on Thursday July 05, 2012 @11:18AM (#40551969)

          Simple: package managers are for filthy Linux users. No cool, hip Apple connoisseur would want to be associated with these social outcasts.

          If you think I am joking you're only half right. Remember the outrage when Instagram came out on that disgusting Android thingy. Good times :D

        • by Gr8Apes (679165)

          App Store is not a package manager, it's an application distribution system.

          I'm not seeing the difference. Applications come in packages, and a distribution system manages them. A claim of the form "X is not A; it's B" is easier to understand if you explain what essential difference you see between A and B. Otherwise, I call fallacy [logicallyfallacious.com].

          I guess it would be easier to state that while application are packages, packages are not necessarily applications. So a package manager might be an application distribution system, but an application distribution system is not a package manager. In simpler terms - an application distribution system incorporates a very specific set of functionality, removing several aspects of a general package management system, including things like dependency hierarchies which can cause problems cross-applications, espec

      • by MightyYar (622222)

        I was just going to post that I've never had it flag a dependency :)

    • by marcello_dl (667940) on Thursday July 05, 2012 @11:12AM (#40551873) Homepage Journal

      It doesn't follow. The binary might be corrupted before being hashed.

      You don't need technical reasons to bash Apple, even if their product were technically impeccable, you have too little control over them.

      • Re: (Score:3, Insightful)

        by h4rr4r (612664)

        So then they did not test it after building it?

        Dev sends app and hash to apple. Apple distributes and has end devices check hash at install time, if hash no match download again.

        Exactly where does this problem slip in without anyone noticing?

    • by samkass (174571) on Thursday July 05, 2012 @11:17AM (#40551949) Homepage Journal

      iOS - the first operating system with package management that doesn't run hash-checks on installer packages to check for corruption. That's right, Apple did it first!

      That's the weird thing, though... Apple not only DOES check it, they require the developer to cryptographically sign the entire package with keys they provide, and apps won't run unless it matches. There should be nothing in between that could modify code without tripping that up.

      • Huh, then you have to wonder whether the signature process failed or the hash process failed...if the signature process failed and the App Store not only passed incorrectly signed apps onto devices but allowed them to be installed, that's a security vulnerability.

        • by tlhIngan (30335) <slashdot AT worf DOT net> on Thursday July 05, 2012 @12:28PM (#40552903)

          Huh, then you have to wonder whether the signature process failed or the hash process failed...if the signature process failed and the App Store not only passed incorrectly signed apps onto devices but allowed them to be installed, that's a security vulnerability.

          I'd suspect something a bit more innoculous.- like data center storage corruption.

          iOS apps are encrypted - or rather, parts of them are. The executable has portions of its code and data segments encrypted, and the list of encrypted parts and the decryption key are then encrypted with the user's Apple ID key. That key is transferred to the device so that iOS can decrypt the binary encryptoin key and the list of encrypted segments (there aren't any headers).

          The reason apps can crash would include either the encryption table is blank and iOS decrypts the binary incorrectly (probable cause - disk full) thus causing corrupt code and data to be executed, or perhaps everything IS encrypted properly, but the binary is corrupt.

          The former would be erratic - some people would find it works correctly, others not, and it wouldn't matter if updates happened because it would occur on any download. The latter would mean the storage system has failed and thus during the DRM process, it's DRM'ing corrupt binaries.

          Since it's specific binaries that do this, perhaps some of Apple's massive storage servers have failed catastrophically. (they use iSilon/EMC storage servers at their NC datacenter I believe). And also why re-uploaded versions of same work - they were put on more stable storage.

          FYI - the way pirated apps work is they run the app, then use GDB to halt execution. Then they use GDB to dump the running image back out to get the decrypted version which then replaces the encrypted chunks with the decrypted versions.

          I would also guess that Apple's "fixing it" because I kept running into issues downloading ("This application is not currently available").

      • Apple not only DOES check it, they require the developer to cryptographically sign the entire package with keys they provide, and apps won't run unless it matches. There should be nothing in between that could modify code without tripping that up.

        If "they" in the first sentence is Apple rather than the developer (and its not clear what the referent fro that pronoun is), then Apple has the keys and could modify the package after it is provided by the developer. Why they would do so is unclear, but it would

      • by rabtech (223758)

        Well if you RTFA, you will see that it is actually the decryption that fails. The package itself validates as being properly downloaded (the bits sent by the server are the bits received), but the binary is corrupt and not properly encrypted so the OS refuses to run it.

        The problem appears to be in the distribution system that signs the binary then distributes the package across the CDNs, after App Review approves it. The current theories are that the signing system is somehow incorrectly signing a mismatch

        • by mellon (7048)

          IOW, TFS is simply wrong: the application isn't crashing. Everything is working exactly as it should, except for some intermediary storage in the App store.

          Sigh.

          • Man, when you put it like that, it that sounds so dull and realistic. Can't you rephrase it to make it more exciting and inflammatory?

    • by Lucky75 (1265142)
      Don't forget to patent that.
    • by mellon (7048)

      Yeah, I'm _really_ confused by this story. In order to publish an app, you have to sign it with your developer key, and Apple has to sign it too. How is it even _possible_ for a corrupted app to run on an iOS device? Wouldn't it just fail the signature check?

    • by sootman (158191)

      And it's patented. :-)

  • This is why Apple and Android need a good way for you to easily revert to a previous version.
  • Angry birds is a touchscreen phone's biggest selling point. What will the world do now?
  • by fuzzyfuzzyfungus (1223518) on Thursday July 05, 2012 @10:54AM (#40551639) Journal
    You're coding it wrong.

    -Steve
  • App-arently fixed (Score:5, Informative)

    by k(wi)r(kipedia) (2648849) on Thursday July 05, 2012 @11:03AM (#40551753)
    From the linked blog by app author Marco Arment:

    I emailed App Review less than an hour after the update went live and yelled about it on Twitter. About two hours after the update went live, a correct, functional version of it started being distributed on reinstalls. As far as I know, the problem hasn't recurred since then.

    I haven't yet received a response from App Review, so I don't know whether the fix was because I made noise, or simply because time passed, which may, for instance, expire a cache with the bad data.

    He now just wants Apple to acknowledge that there was a problem.

    • From the linked blog by app author Marco Arment:

      I emailed App Review less than an hour after the update went live and yelled about it on Twitter. About two hours after the update went live, a correct, functional version of it started being distributed on reinstalls. As far as I know, the problem hasn't recurred since then.

      I haven't yet received a response from App Review, so I don't know whether the fix was because I made noise, or simply because time passed, which may, for instance, expire a cache with the bad data.

      He now just wants Apple to acknowledge that there was a problem.

      Well, it seems to me that they did the correct thing, which is to put their resources into fixing the problem first, and discuss the problem with angry users later.

      • Well, it seems to me that they did the correct thing, which is to put their resources into fixing the problem first, and discuss the problem with angry users later.

        If Apple is so short on resources they can't afford to work on the problem and simultaniously dedicate 1 person to sending a message out to an email list saying "hey, we messed something up, give us a few to get it fixed," They've got some serious issues.

        What's that? More cash on hand than the federal government? In that case, no excuse (other than ego, of course).

        • Well, it seems to me that they did the correct thing, which is to put their resources into fixing the problem first, and discuss the problem with angry users later.

          If Apple is so short on resources they can't afford to work on the problem and simultaniously dedicate 1 person to sending a message out to an email list saying "hey, we messed something up, give us a few to get it fixed," They've got some serious issues.

          Dealing with the end users properly should include a statement of the form such as "this is what went wrong, this is how we're fixing it." If it doesn't include information similar to that, the users are going to be just as dissatisfied as they were before, and maybe more so. That means asking the people fixing the problem "what went wrong? How soon can we fix it?"

          To which the correct answer is "shut up and stop bothering us, we're too busy to deal with you right now."

          In general, you can do work or you c

          • In general, you can do work or you can answer questions from management, but you can't do both.

            Not buying it; we're not talking about some open-source, crowd-funded underdog, here - If you're really trying to convince me that communicating with customers when things go wrong is too much work for a company that has more money than the government, you've got a tough road ahead.

            It becomes even harder to convince me of such when taking into account Apple's history of deny, [pcworld.com] deny, [blogspot.com] deny. [maclife.com]

            • Money has nothing to do with it.

              You can do work, or you can answer questions from management, but you can't do both. If you think that it's possible to do both just because you have a lot of money-- well, sorry. It would be nice if money solved all problems.

              • Money has nothing to do with it.

                Money has everything to do with it.

                Apple has the financial security to hire nations of customer support people if they wanted to, tasked with answering questions from customers. No need to bother the coders trying to fix the problem, with the exception of maybe pulling one or two aside for 15 minutes to write down exactly what the issue is, so the reps can explain it to irate customers. Of course, this is assuming they don't toe the iLine and pretend like there's nothing wrong, outright lying to customers

                • No need to bother the coders trying to fix the problem, with the exception of maybe pulling one or two aside for 15 minutes to write down exactly what the issue is, so the reps can explain it to irate customers.

                  Oh, that's just so easy! No problem, just "pull one or two of the programmers who are trying to solve the problem aside for fifteen minutes", yeah, that's all! Easy, just fifteen minutes! Twenty, tops! Well, maybe thirty, if they have to explain it in terms management can understand. No more than an hour, certainly, or, anyway, no more than two. Well, unless management has questions, then maybe a little more. Half a day, tops, dead certain.

                  Idiot. I just hope you're not in management.

                  • No need to bother the coders trying to fix the problem, with the exception of maybe pulling one or two aside for 15 minutes to write down exactly what the issue is, so the reps can explain it to irate customers.

                    Oh, that's just so easy! No problem, just "pull one or two of the programmers who are trying to solve the problem aside for fifteen minutes", yeah, that's all! Easy, just fifteen minutes! Twenty, tops! Well, maybe thirty, if they have to explain it in terms management can understand. No more than an hour, certainly, or, anyway, no more than two. Well, unless management has questions, then maybe a little more. Half a day, tops, dead certain.

                    Yea, and? Like I keep trying to tell you, it's not like Apple is some tiny little startup with only 1-2 guys doing code; they have a veritable fucking ARMY of coders, so having one or two take a day to explain to customer service what sort of calls they should be expecting is not unreasonable. Hell, it would be unreasonable to not give CS a heads up, considering that this little fuck-up (which is likely the coders' fault) probably quadrupled the call volume.

                    Idiot. I just hope you're not in management.

                    Fuck. You. Assbasket.

                    I don't need to hope, I can

    • On the forums [iphonedevsdk.com] people are still reporting apps coming out today that are corrupt: "5 of my app updates went live today. and getting bunch of emails from users that my apps are crashing after updates."
  • by 93 Escort Wagon (326346) on Thursday July 05, 2012 @11:04AM (#40551769)

    Seriously, updated/fixed Instagram downloads were available within a few hours. Having read various issue reports - this only affects certain apps and apparently only for certain users in certain regions - just how fast is the submitter expecting an official response? How fast would the submitter offer up an official statement if his software exhibited a bug under similar circumstances?

    • Re: (Score:1, Troll)

      by drinkypoo (153816)

      How fast would the submitter offer up an official statement if his software exhibited a bug under similar circumstances?

      Very quickly, if he wanted to maintain his credibility. Of course, Apple doesn't have any to lose (except among the cult that experiences Apple the way others experience religion [cnn.com]), who can safely be called a cult and be assumed to be brainwashed. Presumably, these people are easy to brainwash; it only took the most trite methods of propaganda to accomplish it.

    • Having read various issue reports - this only affects certain apps and apparently only for certain users in certain regions - just how fast is the submitter expecting an official response?

      Instapaper's author was begging happy users to write review to balance out the "-3 stars: crashes! this app is teh suck!" reviews that came flooding in as people installed the new update. If my livelihood were being harmed by a publisher breaking my app, I'd want that official response pretty damn quickly.

  • by wzinc (612701)
    "there is some hope that Apple may acknowledge the problem and fix it"

    Who writes this? If there is an issue, obviously, they will fix it.
    • "there is some hope that Apple may acknowledge the problem and fix it"

      Who writes this? If there is an issue, obviously, they will fix it.

      Exactly. This is sooo bullshit.

  • by Viol8 (599362) on Thursday July 05, 2012 @11:08AM (#40551813)

    Someone at Apple forgot to type "bin" at the prompt before they uploaded the binaries :o)

  • Apple? (Score:5, Insightful)

    by MAXOMENOS (9802) <maxomai AT gmail DOT com> on Thursday July 05, 2012 @11:08AM (#40551825) Homepage

    As Angry Birds Space is among those affected, there is some hope that Apple may acknowledge the problem and fix it

    Fix it, maybe. Acknowledge it? Not bloody likely.

  • by alen (225700) on Thursday July 05, 2012 @11:12AM (#40551879)

    this did it i upgraded all of my wife's 50 some apps because she never does it and i'm waiting for her to call that she can't play angry birds. she's finally going to go android.

    oh wait, she can't call because the phone app won't work. I'M SAVED

  • How much you want to bet Apple has already have patented this?
    • How much you want to bet Apple has already have patented this?

      Sorry for my butchering of the language there... English is my first language.

  • by 140Mandak262Jamuna (970587) on Thursday July 05, 2012 @11:46AM (#40552363) Journal
    What is the issue here? Aren't angry birds supposed to crash? You are supposed to pull the catapult and release it and the angry birds crash into structures built by pigs and destroy them. Don't get upset, there is a never ending supply of angry birds. So what is the problem here?
    • Once my father was about to nudge over my tower PC, to which I said "hey, don't crash it..." and he replied "isn't it normal that computers crash". This was Windows 98 era so he wasn't too far from the truth.
  • A while back I was stuck with a corrupted copy of Event Horizon downloaded from iTunes I wanted running in the background while getting some 40K stuff done.

    On my main PC hooked up the to the big screen.
    Downloaded, stopped at a certain mark.
    Deleted, restarted download. Stopped at same mark.
    Deleted movie and cache. Restarted download, stopped at the same mark.
    Contacted Apple tech support. Told them about the corrupt file on their servers. Suggested my cache was corrupted. I told them I had already cleared it.

  • Happened to us (Score:3, Informative)

    by BadPirate (1572721) on Thursday July 05, 2012 @01:13PM (#40553599) Homepage

    This happened to our product last week. The issue seemed to be that most users who tried to download the application were instead getting the old version (despite app store thinking the product was updated)... You could see this if you pulled the binary off the device and looked into the binary size / info.plist (all the information matched).

    There were 2 work arounds we discovered:

    1. Users could fix their individual application (If they're app is crashing immediately), by deleting the app, and redownloading it from iCloud (go into purchase history to find the application and download it from there, NOT the app front page).

    2. Apple worked for a while on our issue but didn't come up with a resolution, instead we were able to get it back into operation by "Hitting the reset button" -- First, remove the app from sale in the store (set the available regions to none), wait until that propagates (could take a few hours) then, put it back. This fixed our issue. Hopefully now that more people are reporting this issue Apple will actually take the time to fix it.

  • It might just have been a flaky router corrupting some of the data going through it?
  • LAUGH

    LAUGH

    LAUGH

    LAUGH

    Seriously, I've wasted about 5 days (day = 24 hours) dealing with Apple's iTunes. Damn near ready to dig up Steve Jobs from his grave just to shoot him.

    Yes, I am officially DONE with all things Apple. (Well, I will be once my AT&T wireless lock in ends this month.)

  • In the article, the guy has listed over 100 apps that suffer from the problem. What's the point? One could assume that once you come across the 3rd, you would start to think that it's not really an app-specific problem.

    The another thing that sucks here is how desperately he is collecting evidence to point out the problem and sorely hoping Apple to fix it. If correcting problems and actually hearing back from some knowledgeable people is that hard, something is just wrong with the company.

The generation of random numbers is too important to be left to chance.

Working...