CoreText Font Rendering Bug Leads To iOS, OS X Exploit

redkemper writes with this news from BGR.com (based on a report at Hacker News), excerpting: "Android might be targeted by hackers and malware far more often than Apple's iOS platform, but that doesn't mean devices like the iPhone and iPad are immune to threats. A post on a Russian website draws attention to a fairly serious vulnerability that allows nefarious users to remotely crash apps on iOS 6, or even render them unusable. The vulnerability is seemingly due to a bug in Apple's CoreText font rendering framework, and OS X Mountain Lion is affected as well."

Re:Who says?

[girlintraining]

Holy cow, your fanboy hat must be cutting off the flow of blood to your brain. Explain again why an OS with 4x the market share garners 100x the exploits?

You're reading the statistics wrong. But whatever, you get +1, I get -1, because you're not a fanboy who made a personal attack, and apparently my quoting statistics was too inflammatory. Ah well.. yet more proof slashdot has gone to the dogs. Let's burn some more karma in a fruitless endeavor to explain to the fanboys statistics 101... because I'm bored and it's my lunch hour.

The dominant operating system with the largest marketshare has almost the same amount of malware being produced for it relative to its marketshare. This is precisely what you'd expect. It'd be like saying "A car that is driven by 80% of people also gets in 80% of accidents."

It does not have "100x" the exploits. It has "1x" the exploits. It has exactly the number of exploits you'd expect.

iPhone sales ALWAYS drop this time of year because

... irrelevant. Whether iPhone sales drop this month by 3% or not, they're still only clocking a 1:4.7 ratio of iphones to android phones. a 3% fluxuation means very little compared to the massive trend downward over the past several years. And that's what the malware authors are looking at.

So don't give me this "you must be a fanboy!" crap and then get all your hipster friends to downmod me... the facts are staring you in the face: The reason it has fewer exploits is because it has a small (and shrinking) marketshare, just like DOS, OS/2, etc. This is no different than the argument that Linux is more secure because nobody develops malware for it... yeah, sure, okay... but nobody uses Linux. Not as a desktop anyway. Malware authors go for the lion's share, not the outliers, and any security expert will tell you that Linux has had plenty of exploitable conditions in the past... but they weren't exploited because it wasn't as valuable to spend time developing one for Linux as it would be for the dominant OS -- Windows.