The ease with which a bug can be exploited has everything to do with its impact. Exploiting buffer overflows is messy, requires a lot of effort, and it's detectable. Thus, you are more likely to use it for something special.
Apple's TLS handshake bug was trivially easy to exploit, entirely silently, in a fully automated fashion and with zero chance of detection and without leaving a trace. That's why it's a big deal.
If you are in the business of collecting massive amounts of data, this is exactly the type of bug that you would be using. SSL clients leak a large amount of data in the handshake (supported protocol versions, cipher suites, extensions, etc.), allowing you to fingerprint them and detect the vulnerable ones on a per-connection basis. You then attack, safe in knowing that you won't be detected.
Once you get the victim's password (e.g., if you attack their email client), you can suck out all the data you want. Because you are the MITM, you can do it from their own IP address, too. All fully automated.
I think you're assuming that a platform can detect a buffer overflow. How exactly is an iPhone or iPad going to detect a buffer overflow?
I think we can all agree that owning the entire platform on a device is far worse than a MITM attack on a session. Even if it's all the sessions on that platform using TLS/SSL. Executing code on the box means you can do many other things on that box, such as setting up a pivot point and keeping access to the platform as long as you want. If you can root the platform, then all bets are off.
Yes, we can agree that owning the entire platform is worse. But my point is that you can't ever achieve that without someone noticing. Think millions of devices. The malware would have to work flawlessly across a number of versions, interacting with many components installed, and even on jailbroken devices. It is very risky and intrusive, which makes it much less likely. An attack against TLS connection authentication is so _clean_ in comparison that I can easily imagine various parties jumping at the opportunity.