An interesting read. If the problem is app entitlements, I wonder why Apple didn't develop an AI to flag apps with suspicious entitlements? For a parser, it might be a problem with complex nested tags, but for human reviewers I argue it's much easier to spot constructed entitlements. And Apple can always require the developers to rewrite the entitlements if needed. Automatic sanitizing of entitlements would be helpful too, because they are not designed to be complex.
I think a much simpler solution would be to just use one consistent XML parser. Throwing AI at things is not a good general solution. Black-box AI models may work in the common case, but they have edge cases with bizarre behaviors that are poorly understood. You'd end up with a result likely worse than this.
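As an added example (not code from any commenter or from Apple), here is what "one consistent parser" plus the "automatic sanitizing" and "flag suspicious entitlements" ideas from the two comments above could look like in practice: every consumer of an entitlements file gets the bytes re-serialized by a single parser, and a simple allowlist policy reports unknown keys, wrong value types, nested containers where a scalar is expected, and debug-only keys left enabled. The sample plist and the `ALLOWED_ENTITLEMENTS` policy are constructed for this example; the entitlement key names are real Apple keys, but the policy mapping them to types is a hypothetical per-team rule, not anything Apple publishes.

```python
import plistlib
from typing import Any

# Constructed sample (not from the page): a sandboxed app's entitlements with
# one debug-only key still enabled and one unknown key carrying a nested dict.
SAMPLE_ENTITLEMENTS = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>com.apple.security.app-sandbox</key>
    <true/>
    <key>com.apple.security.network.client</key>
    <true/>
    <key>com.apple.security.get-task-allow</key>
    <true/>
    <key>com.apple.security.application-groups</key>
    <array>
        <string>group.com.example.shared</string>
    </array>
    <key>com.example.custom</key>
    <dict>
        <key>x</key>
        <string>y</string>
    </dict>
</dict>
</plist>
"""

# Hypothetical per-team policy: entitlement key -> expected value type.
# Anything not listed is reported; anything of the wrong type is reported.
ALLOWED_ENTITLEMENTS: dict[str, type] = {
    "com.apple.security.app-sandbox": bool,
    "com.apple.security.network.client": bool,
    "com.apple.security.application-groups": list,
    "com.apple.security.get-task-allow": bool,
}

# Legitimate while developing, but must be false or absent in a release build
# (get-task-allow lets a debugger attach to the process).
RELEASE_FORBIDDEN = {"com.apple.security.get-task-allow"}


def load_entitlements(data: bytes) -> dict[str, Any]:
    """Parse with exactly one parser (plistlib) and require a top-level <dict>."""
    parsed = plistlib.loads(data, fmt=plistlib.FMT_XML)
    if not isinstance(parsed, dict):
        raise ValueError("entitlements root must be a <dict>")
    return parsed


def canonicalize(data: bytes) -> bytes:
    """The 'sanitize' step: re-serialize through the one parser so that every
    downstream consumer receives the same unambiguous bytes, with keys sorted."""
    return plistlib.dumps(load_entitlements(data), fmt=plistlib.FMT_XML, sort_keys=True)


def roundtrips(data: bytes) -> bool:
    """True if canonicalization preserves the parsed content and is idempotent."""
    canonical = canonicalize(data)
    return (load_entitlements(canonical) == load_entitlements(data)
            and canonicalize(canonical) == canonical)


def audit(entitlements: dict[str, Any], release: bool = True) -> list[str]:
    """Apply the allowlist policy and return human-readable findings."""
    findings: list[str] = []
    for key, value in entitlements.items():
        expected = ALLOWED_ENTITLEMENTS.get(key)
        if expected is None:
            nested = " (nested container)" if isinstance(value, (dict, list)) else ""
            findings.append(f"unknown entitlement: {key}{nested}")
            continue
        if not isinstance(value, expected):
            findings.append(f"{key}: expected {expected.__name__}, got {type(value).__name__}")
            continue
        if release and key in RELEASE_FORBIDDEN and value:
            findings.append(f"{key} is enabled in a release build")
    return findings


if __name__ == "__main__":
    ents = load_entitlements(SAMPLE_ENTITLEMENTS)
    print("round-trips cleanly:", roundtrips(SAMPLE_ENTITLEMENTS))
    for finding in audit(ents):
        print("FINDING:", finding)
```

The point of `canonicalize` is that a signing or review pipeline should store and forward only its output, never the developer-supplied bytes, so that whatever other XML parsers sit downstream see a form the single trusted parser already produced; `audit` is the cheap, deterministic "flag suspicious entitlements" pass that a reviewer can read before any machine-learning model is involved.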
I understand the attitude of some saying Apple "should implement the absolutely correct parser". But such a way of thinking is not practical. The question is not whether there is an "absolutely correct parser" but much more when we can have a relatively correct and safe parser. The way Apple had to wrestle with 4 different implementations of the same parser function shows that the issue is not trivial. Other XML parsers may have the same problem too, albeit not yet uncovered.
Using AI to flag unusual entitlements and other potential hacks in the future is much more practical and future-proof than racing for the absolutely correct guard. The AI should not replace a correct implementation but rather augment it as an additional security tool.
I'm certain many organizations will go this way in the near future (if they haven't already!).