How about another theory...<p>The kind of organisations that use these exploits rarely want to use the same one twice. That would link the two uses, which could reveal who was attacking whom or why.<p>However, anti-rooting protections on iOS devices are such that the vast majority of organisations don't have any kind of logging or analysis infrastructure set up which could trace which devices have had a specific exploit run against them.<p>The exploit is probably delivered by an encrypted channel, so even if you did full traffic logging from all employee devices to the internet, you still wouldn't have enough info to know which devices were infected, since the attacker will surely use a different server each time to deliver the exploit.<p>That suddenly makes it much safer to reuse exploits, so there isn't such a big market for a new exploit for every covert operation.<p>The same isn't true of Android - there are plenty of apps which will trace syscalls, dump logs, send suspicious files for analysis, etc. That makes reusing an exploit a risky business for three-letter agencies, especially if you're attacking another three-letter agency who probably has their own custom anti-malware type software just waiting for you to trip a tripwire.
I wonder what is the reason for that? I doubt Apple code quality dropped significantly. Is it simply because more people started to look for vulnerabilities? Or was it because better tools to discover the bugs became available?
What is the business model of this company? Are they selling such exploits to whoever is willing to pay the most?<p>And does this mean Android is more secure?
I made a few guesses on a previous thread: <a href="https://news.ycombinator.com/item?id=23170237" rel="nofollow">https://news.ycombinator.com/item?id=23170237</a>