12 comments

[ 4.2 ms ] story [ 42.9 ms ] thread
These are security holes patched in 6.1. I almost first read it as these are issues existent in 6.1. They need to better title the article.
Interesting to see a lot of Google contributors to the WebKit memory corruption issue. Does Google or Apple push more commits to WebKit these days, or is it about even?
Well seeing as Chrome is also webkit based (and is used for the spider), you'd imagine google would make a lot of contributions it :p
Here's a clue from back in 2010

http://neugierig.org/software/chromium/notes/2010/02/webkit-...

Which shows that Google overtook Apple in late 2009. I don't know if that's still current, but the blog author did post the python source code he wrote to make that graph. Perhaps some enterprising HN reader can update us for 2013?

https://github.com/martine/webkit-who

I was at a party with a Chrome security guy (and a Mozilla security guy) a couple days ago and it certainly sounded like 80+% were Google instead of Apple, at least in security.

Also apparently there's a guy at Google who fuzzes Mozilla code using Google servers and collects a lot of Mozilla bounties (like $100k/yr) personally, which is kind of an interesting ethical thing :)

Even more interesting ethically considering a large portion of Mozilla's revenue comes from Google.
Not sure if I would read too much into it, though. One of my friends is a WebKit contributor, and apparently people at Apple regularly get their code reviewed and approved by Google employees and vice versa (as well as people outside both companies, since they're all just contributors to the WebKit project).
Glad to see continuous effort from Apple in battling security threats.

Grumpy to see that this page doesn't render correctly in the latest version of Chrome.

It's because Chrome is blocking the page from loading resources from an insecure location. Change the https to http and it works fine.
> Glad to see continuous effort from Apple in battling security threats.

Okay, I'll be that guy in this thread: Continuous efforts for recent devices only. I still know a few iPad 1's in regular use and they'll stay unpatched forever. In that situation, such a long list of exploits is scary rather than comforting.

There seems to be a lot more useful explaining going on here compared to the bland platitudes I'm used to reading from Microsoft.