This is one of those stories that need to start with a film-like disclaimer - do not try this at home. Not a daredevil stunt, just a phone bug but one that could crash someone else’s phone for good.
The stunt that you should not try is saving someone’s name with hundreds of characters. Saving for instance a name as ‘
Problem comes not when you save a contact in this manner. But when you try to send it to someone else. Some poor bloke may ask for a contact number and you send this 2000-character name and numbers to him and voila, his phone crashes.
“Because the Operating System would only have allocated a fixed amount of memory to save a contact and when that’s exceeded, the system cannot handle it,” says Pratheesh Narayanan, a final year B. Tech. student in Ernakulam who has reported this bug to Google and received a reward of 10,000 dollars (Rs 7.6 lakh) this January. The bug -- tracked as CVE-2019-2232 -- has been recently fixed.
Pratheesh has been doing this for two to three years now, he says, reporting bugs to companies like Google and Facebook who would then reward him and fix the errors. He is even on the Google Bughunter hall of fame, and the Facebook hall of fame.
“There are others like me, among students and working professionals, doing this on a freelance basis. I think even after the course is over, I will continue with this freelance work,” Pratheesh says. And why shouldn’t he? The lad has already earned several lakh rupees reporting bugs.
He has reported 13 so far – nine of these were for Facebook’s WhatsApp, three for Google and one for Microsoft’s Github.
The first bug he reported was on WhatsApp, an error that came with those long messages that end with ‘read more’. Another was about a Telugu character which if included in a message could crash the receiver’s phone.
“These are not the bugs that come when you install some unknown software. These are what happen for no fault of yours,” Pratheesh says. He uses trial and error to find out most of these bugs, he says.