by moyix 1647 days ago
No, it just means that they've found vulnerabilities that can be triggered without user interaction. This is entirely doable by just fuzzing or reverse engineering the released iOS binaries.

I mean, you’re not going to fuzz your way to bit twiddling together a small virtual computer inside of a compression stream.
Of course – but you can definitely fuzz your way to the initial vulnerability. The VM stuff is done once you have that vulnerability and are writing the actual exploit, which is a manual process.
The blog says the PDF parsing was based on xpdf which is open source.
Go ahead, fuzz your own iOS exploit. You make it sound like someone just cranks one out before lunch.
Entirely doable by a team of experts with multimillion-dollar budgets over the course of probably many months, doesn't sound at all similar to average HN commenter being able to do it before lunch.