It’s a lot less visible than a thinner profile or trick camera lenses, but Apple is announcing another upgrade in the iPhone 17 family of phones that it says is part of “the most significant upgrade to memory safety in the history of consumer operating systems.” Explicitly targeting the spyware industry that produces exploits for tools like Pegasus to hack targeted devices, a series of changes in Apple’s chips, OS, and development tools are part of what it calls Memory Integrity Enforcement (MIE).
With the introduction of the iPhone 17 lineup and iPhone Air, we’re excited to deliver Memory Integrity Enforcement: the industry’s first ever, comprehensive, always-on memory-safety protection covering key attack surfaces — including the kernel and over 70 userland processes — built on the Enhanced Memory Tagging Extension (EMTE) and supported by secure typed allocators and tag confidentiality protections.
The approach is similar to what we’ve seen from Microsoft’s introduction of memory integrity security features for Windows 11, as well as a series of changes that have arrived to prevent speculative-execution vulnerabilities like Spectre. Apple’s blog post also mentions efforts by ARM with the Memory Tagging Extension (MTE) to fight memory bugs, which is supported on Google’s Pixel phones starting with the Pixel 8 series and enabled for supported apps if you turn on Advanced Protection.
Apple says its implementation goes a step further, with the ability to protect all users by default and by designing its A19 and A19 Pro chips for enhanced security, while still adding memory safety changes for older hardware that doesn’t support the new memory tagging features. The company also says its new mitigation for Spectre V1 leaks works with “virtually zero CPU cost” (performance hits have been an issue for memory integrity and other security features), with all of the changes making “mercenary spyware” a lot more expensive to develop.
The folks behind the security-focused GrapheneOS project acknowledged the “major security improvements” that will help iPhone security in a post on X, but also said they had issues with the presentation and how it portrayed iOS security versus features like MTE, already launched for Android. We’ll learn more about how much has changed once these updates reach devices and attackers take their turn trying to crack open the iPhone 17 and iPhone Air’s security.