I quite like the new Outlook for Windows. But it has a couple of annoying bugs. One of which is, when it is maximised it doesn't let you unhide your bottom task bar. I've set up Windows so the taskbar disappears whenever my cursor isn't at the bottom of the screen. When my mouse touches the bottom, the bar appears. Lovely! But Outlook breaks this functionality - which I'm pretty sure existed…
Continue reading →
I try to write good bug reports, I really do. I fill out templates when asked. I try to include reproducible proof of the bug. I'll even give a screenshot or screen recording to prove I'm not making things up. If I'm familiar enough with the programming language, I'll also attempt to say roughly where the problem lies. Sadly, that's not always enough. Two years ago today, I wrote what I thought …
Continue reading →
Chrome for Android had a flaw which let one tab draw over another - even if the tabs were on completely different domains. A determined attacker might have been able to abuse this to convince a user to download and installed a spoofed app. See Chrome Bug #1242315 for details. Demo Here's a video of me on one site (Twistory.ml) opening a link to Twitter in a new tab. Twitter's mobile site…
Continue reading →
Whenever I open Twitter in a new tab on my phone, the page layout looks weird for a few seconds. It starts out looking like the desktop view and then, after a few seconds, it snaps back to the mobile view. What's causing this? Try opening this link to a window size detector in a background tab. Then visit that tab. On Chrome, this is what I see. If I hit the refresh button on that tab, the …
Continue reading →
Recently, I bought an eBook which has a bug. I'd like to explain what the bug is, why it is a problem, and how I'm trying to get it corrected. Amazon sells eBooks in KF8 format. That is an ePub with some proprietary extras. ePub is a standard based off HTML5. You can read the ePub 3 specification but, basically, it is a .zip of HTML files. If you unzip an eBook, you can read the source code…
Continue reading →
I found a curious little bug and I'm interested in who you think should take responsibility for it. My mobile network provider sent me this message: I clicked on the link, and got this error message from their website: The error is caused by the trailing full-stop. Remove the full-stop and the page loads. There are four potential culprits here... Virgin Media's Web Team Should their…
Continue reading →
Technology never works right. And video technology never works right even harder. The Amazon 4K Fire Stick is a pretty cool bit of kit. It's an Android device which can push 4K HDR video with surround sound to your TV. But, like any technology, it's buggy. Here's the bug report I've tried to send to Amazon and the BBC. They haven't answered - so I'm publishing it here as well. BBC iPlayer…
Continue reading →
Another day, another Gmail bug which won't get fixed. The original Android phone - HTC Dream - had 192MB of RAM. The latest Android phones tend to have 6GB. A 32 times increase in a decade. Laptops have also leapt forwards in speed and memory. Sadly, no one on the Gmail team has noticed. It's 2019, and Gmail app users are still seeing the dreaded "[Message Clipped] View entire message"…
Continue reading →
Here's a curious bug I just discovered in Firefox 67 for Linux. Can you see this unicorn: →🦄 ← What happens if you use CSS to change the opacity of an emoji? Here's a unicorn, with a pink font colour: 🦄 Unicorn Let's wrap that in this scrap of CSS to make it 50% opaque. color: rgba(255, 105, 180, 0.5); 🦄 Unicorn Hopefully, you see a semi-transparent philosophical argument. What if we set …
Continue reading →
It's 2019 and high-tech devices are still plagued by text encoding bugs. I recently bought the new 4K Amazon Fire Stick. It's a little Android dongle which plays videos. It's neat - but quite often displays weird text errors. Take the kids' TV show House of Anubis, the Fire displays the description like this: Looking at the source code for the description: That's the character "private use…
Continue reading →
More adventures with Unicode. I logged in to my Virgin Media account to see when my promotional discount would end. Here's what their billing PDF said. Let'S Ignore The Weird Capitalisation Virgin'S System Uses. What's that  doing there? Their website says: No  symbol, but also no £ sign. Ah, but let's look at the underlying code. What's that weird character? It is the control ch…
Continue reading →
(This isn't really a security issue, although I've disclosed it to the Twitter team.) "Fuzzing" is a computer science term which means "sending weird data into a program and seeing what happens." It's a useful way to see how your code can break in new and unexpected ways. It's particularly good at showing what a website's search engine does when it is confused. For example, here's a fairly…
Continue reading →