> What is the purported lesson we should have learned?
Not to automatically execute things within data that we have been sent.
> What is the purported lesson we should have learned?
Not to automatically execute things within data that we have been sent.
I think it's "don't use parsers written in unsafe languages".
I think it's simpler: don't touch untrusted content unless/until you need to.
That's easy, and already done. Phones only touch untrusted content when they need to, it's just that they need to touch it immediately upon receipt