Comment by stefan_

2 years ago

Sure they do, and yet at the bottom of them we keep finding... iMessage. Which is like a funnel that takes untrusted external input and feeds it into various ancient unmaintained native code blobs that were thrown into iOS for the "time to market". This time it's a 90s Apple extension to TrueType in a 90s Apple library that presumably no font on an iPhone actually uses, last time it was the 90s fax machine image compression algorithm in a never updated open source library. You see, the full exploit cost many many millions, but at the bottom there are entirely self-inflicted basic failures.

It would be so great if someone at Apple could get the buy-in to clean out this zoo but try explaining that to a product manager at these places.

> It would be so great if someone at Apple could get the buy-in to clean out this zoo but try explaining that to a product manager at these places.

It’s happening! Admittedly it’s happening slowly, but it is happening. PostScript support recently got stripped out of MacOS and iOS explicitly because the security risk was too great, and the effort to make parsers and renderers safe was greater than any residual benefit from the PostScript format.

It also looks like the “fix” for the TrueType exploit was to simply strip out the ancient extension because it’s not used anymore. As for why it didn’t happen before now, that’s probably just because nobody knew it still existed.

Absolutely no disagreement there. iMessage's attack surface is ludicrously large for the actual behavior it delivers on the average user's phone.