> Type one crashes indicate that the chain of events set off by invoking copyGifFromPath:toDestinationPath:error ultimately crashed while apparently invoking ImageIO’s functionality for rendering Adobe Photoshop PSD data.
> Type two crashes indicate that the chain of events set off by invoking copyGifFromPath:toDestinationPath:error ultimately crashed while invoking CoreGraphics’ functionality for decoding JBIG2-encoded data in a PDF file.
The usual suspects. I don't know why it isn't possible to deactivate media parsing in the phone's text messaging app, as the vulnerabilities seem to always be found in those. How often do people send PDF/PSD files by text message?!
I certainly don’t want to suggest that Apple couldn’t do more in terms of security, but 0-days are inevitable. Every OS has them, and will continue to have them. Throwing money at this can make it better, but I don’t think it’s possible to “fix” it without creating some sort of new paradigm for how software is made.
True, but there's a wide range of things that can be done to change how difficult it is to find those 0-days, while also providing good incentives to those capable of finding said 0-days.
Writing the iMessage parser in a memory safe language is a step towards a "new paradigm" [0], but more can and should be done by a company Apple's size.
Apple has the money and influence to buy these exploits and analyze them; probably the NSA is using them too, so Apple won't attempt to upset the NSA, so they do nothing because the "good guys" are using it too.
Also, Apple is notorious for their bad bounties and has a bad history of providing researchers with unlocked devices for testing; probably Google found more security bugs in iOS than Apple.
Some 0-days - sure. But we're talking about a major corporation continuing their business uninhibited.
If the NSO Group has been active for a number of years, couldn't Apple make an effort to purchase their products (through some third party, perhaps) and then reverse-engineer the vulnerabilities?
I agree that Apple should do more to improve their relationship with security researchers, including paying better.
However, I also don't think that this can fully solve the problem - if a government creates a sufficiently funded black hat operation (or outsources it to someone like NSO, which is effectively the same thing), it's inevitable that they will find a 0-day sooner or later.
This is going off topic a bit, but I honestly don't know what the solution to this is. The pragmatic truth is that anyone who is a big enough target that it would be worth it for a hostile entity to spend a couple million to intercept their communication should assume at all times that their devices are compromised.
If Apple paid 10 million for a 0-day exploit, the people who create the exploits would be incentivized to tell Apple instead of developing exploits for their employer. Apple could definitely be doing more with their infinite money.
They don't have any incentive to; in fact the opposite is true - they purposefully don't fix zero-days so intel agencies can use them to spy on dissidents.