by sneak 989 days ago
Forget about Rust, and forget about drive-bys.

Why hasn't Apple rewritten libtiff, libpng, libjpeg, libwebp, etc. in Swift?

Their flagship moneymaker keeps getting popped via these, and they have thousands of engineers and a memory safe first party language. The zeroclick from a few weeks ago relied on a chain, the second most important of which (CVE-2023-41064) was in libwebp. (The first most important was a kernel privilege escalation. XNU is c and cpp, of course.)

I really can't imagine that writing performant replacements for these libraries would be that daunting a task for them, and it would permanently shut down an entire class of repeated, ongoing vulnerabilities. I really don't understand why Apple relies on 3p code for format parsing/decoding when it has proven over and over again to be a source of brand damage.

3 comments

I’m gonna guess Apple has considered the ROI on this; the negative publicity can’t be good for them, but in the context of Apple I’d somewhat agree. I consider iOS probably more secure than desktop operating systems, and it’s the crown jewels of my life.

Curl is maintained by a much smaller set of people, and is delivered for free.

> Why hasn't Apple rewritten libtiff, libpng, libjpeg, libwebp, etc. in Swift?

Because they're shared libraries which other programs have linked to.

Additionally, they've had decades of work, and rewriting them increases the chance that it will break something.

I'm talking about for use in Apple's first-party apps, like PassKit/Wallet, which is how the zeroclick happened recently. Apple gets to choose what codecs PassKit uses.

They also use them in Safari, AFAIK.

I'm also pretty sure most consumers of them are using them via ImageIO, which is under Apple's exclusive control.

> Because they're shared libraries which other programs have linked to.

It's almost always Apple's own iMessage app that gets compromised, so they can use whatever library they want.

Swift is probably not quite good enough for that type of library actually. There was a lot of hype about it being an everything language, but I'm not sure if it actually is for a low level graphics decoding library. For example, a core internal library of SwiftUI is written in C++, ActionGraph, and that is a pretty new thing!

Also, Apple can be slow to write things in new coding languages internally; there is a lot of stuff still in Objective-C and will be for many, many years.