zlacker

So a crashing bug in the text rendering framework is now worth an article in major publications?

I stumbled over two or three of them in the last couple of years while debugging crash reports sent in by customers.

Seems that text rendering is hard. Maybe fuzzing CoreText would be a worthwhile target to discover vulnerabilities?

replies(3): >>Someon+Q >>Bitcoi+0h >>zackif+Bj

>>jakobe+(OP)
Or take text rendering out of the kernel.

The whole device shouldn't restart due to malformed text, that's just sloppy. If Microsoft can do it with Windows then Apple can do it on iOS.

replies(1): >>valley+OA

>>jakobe+(OP)
I'm not sure either Y Combinator News nor the linked site are "major publications".

It is news, because there's a _completely passive_ way to crash a device, and crashes nearly always will allow for unauthorized code execution, given enough resources to work on the problem. You could launch a DOS attack on phones this way, and we all know that Cell Phones are how we're warned about emergencies, etc.

For what it's worth, Microsoft Edge, my default browser, had no problems with this page.

replies(1): >>danso+9I

>>jakobe+(OP)
My iPhone X wont even open imessages after trying to delete two texts with this message, i would say its a pretty big problem

replies(1): >>maxmcd+Ts

>>zackif+Bj
I believe the solution present on this linked page will help you: https://www.vincedes3.com/save.html

Opens imessage again with a message draft so that you can delete the conversation without fetching the linked bug

replies(1): >>a_t48+Yy

>>maxmcd+Ts
Warning - this link has dozens of not work appropriate ads on it now.

replies(1): >>maxmcd+FX

>>Someon+Q
Text rendering does not live in the kernel on macOS or iOS.

>>Bitcoi+0h
The BBC is the largest broadcaster in the world.

>>a_t48+Yy
Agh, apologies, missed those with my adblocker