I quite like the new Outlook for Windows. But it has a couple of annoying bugs. One of which is, when it is maximised it doesn't let you unhide your bottom task bar. I've set up Windows so the taskbar disappears whenever my cursor isn't at the bottom of the screen. When my mouse touches the bottom, the bar appears. Lovely! But Outlook breaks this functionality - which I'm pretty sure existed back in Windows 95. Microsoft have received several complaints about this, but done nothing. Anyway,…
Continue reading →
I try to write good bug reports, I really do. I fill out templates when asked. I try to include reproducible proof of the bug. I'll even give a screenshot or screen recording to prove I'm not making things up. If I'm familiar enough with the programming language, I'll also attempt to say roughly where the problem lies. Sadly, that's not always enough. Two years ago today, I wrote what I thought was a pretty comprehensive bug report for Android OS. I included links to public forums where…
Continue reading →
Chrome for Android had a flaw which let one tab draw over another - even if the tabs were on completely different domains. A determined attacker might have been able to abuse this to convince a user to download and installed a spoofed app. See Chrome Bug #1242315 for details. Demo Here's a video of me on one site (Twistory.ml) opening a link to Twitter in a new tab. Twitter's mobile site contains a Web Manifest which should prompt the user to install an app. Rather than displaying this…
Continue reading →
Whenever I open Twitter in a new tab on my phone, the page layout looks weird for a few seconds. It starts out looking like the desktop view and then, after a few seconds, it snaps back to the mobile view. What's causing this? Try opening this link to a window size detector in a background tab. Then visit that tab. On Chrome, this is what I see. If I hit the refresh button on that tab, the Outer window size snaps back: What's going on? According to the specification: The…
Continue reading →
Recently, I bought an eBook which has a bug. I'd like to explain what the bug is, why it is a problem, and how I'm trying to get it corrected. Amazon sells eBooks in KF8 format. That is an ePub with some proprietary extras. ePub is a standard based off HTML5. You can read the ePub 3 specification but, basically, it is a .zip of HTML files. If you unzip an eBook, you can read the source code behind it. When trying to read a Kindle book on a non-Kindle device, I noticed a bug. Some words were…
Continue reading →
I found a curious little bug and I'm interested in who you think should take responsibility for it. My mobile network provider sent me this message: I clicked on the link, and got this error message from their website: The error is caused by the trailing full-stop. Remove the full-stop and the page loads. There are four potential culprits here... Virgin Media's Web Team Should their website handle stray punctuation at the end of a URl? Most webservers can be configured to take users…
Continue reading →
Technology never works right. And video technology never works right even harder. The Amazon 4K Fire Stick is a pretty cool bit of kit. It's an Android device which can push 4K HDR video with surround sound to your TV. But, like any technology, it's buggy. Here's the bug report I've tried to send to Amazon and the BBC. They haven't answered - so I'm publishing it here as well. BBC iPlayer supplies 4K video - but the app doesn't switch to 4K mode, it stays at 1080p. Amazon debug To turn on…
Continue reading →
Another day, another Gmail bug which won't get fixed. The original Android phone - HTC Dream - had 192MB of RAM. The latest Android phones tend to have 6GB. A 32 times increase in a decade. Laptops have also leapt forwards in speed and memory. Sadly, no one on the Gmail team has noticed. It's 2019, and Gmail app users are still seeing the dreaded "[Message Clipped] View entire message" error. It's just as bad on the web version of Gmail - even on Desktop Chrome. Google don't even do…
Continue reading →
Here's a curious bug I just discovered in Firefox 67 for Linux. Can you see this unicorn: →🦄 ← What happens if you use CSS to change the opacity of an emoji? Here's a unicorn, with a pink font colour: 🦄 Unicorn Let's wrap that in this scrap of CSS to make it 50% opaque. color: rgba(255, 105, 180, 0.5); 🦄 Unicorn Hopefully, you see a semi-transparent philosophical argument. What if we set the opacity to 0.0 - that is, completely transparent? 🦄 Unicorn There's a shunicorn there. If you …
Continue reading →
It's 2019 and high-tech devices are still plagued by text encoding bugs. I recently bought the new 4K Amazon Fire Stick. It's a little Android dongle which plays videos. It's neat - but quite often displays weird text errors. Take the kids' TV show House of Anubis, the Fire displays the description like this: Looking at the source code for the description: That's the character "private use two" (U+0092). What on earth is that doing there? Well, in the ancient Windows-1252 encoding, 0x92 …
Continue reading →
More adventures with Unicode. I logged in to my Virgin Media account to see when my promotional discount would end. Here's what their billing PDF said. Let'S Ignore The Weird Capitalisation Virgin'S System Uses. What's that  doing there? Their website says: No  symbol, but also no £ sign. Ah, but let's look at the underlying code. What's that weird character? It is the control character string terminator, of course... Well, my discount is nearly finished, so I asked them for a la…
Continue reading →
(This isn't really a security issue, although I've disclosed it to the Twitter team.) "Fuzzing" is a computer science term which means "sending weird data into a program and seeing what happens." It's a useful way to see how your code can break in new and unexpected ways. It's particularly good at showing what a website's search engine does when it is confused. For example, here's a fairly mundane Tweet. Offshore A-Z@OffshoreAZ🏢 HONOUR INTERNATIONAL LIMITED🇰🇾 Cayman Islands🎯
Continue reading →
· bug microsoft · 1 comment · 400 words · read ~344 times.