Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

One would hope there would be some sanitization of attachments to prevent this.

I also wish there was a regular option in iOS Messages to disable link previews.



There's a ton of sanitization of attachments. It just isn't foolproof.

On iOS messages attachments are decoded in a separate, heavily restricted and sandboxed process, and the decoded sanitized results are sent back to the UI process. It just isn't perfect.


Apple (and Google fwiw) do in fact have impressive hardening around their parsers.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: