It’s much less noticeable than a thinner profile or trick digital camera lenses, however Apple is pointing out another upgrade within the iPhone 17 household of telephones that it says is a part of “probably the most important improve to reminiscence security within the historical past of shopper working programs.” Explicitly focusing on the spy ware business that produces exploits for instruments like Pegasus to hack on focused gadgets, a collection of adjustments in Apple’s chips, OS, and growth instruments are a part of what it calls Reminiscence Integrity Enforcement (MIE).
With the introduction of the iPhone 17 lineup and iPhone Air, we’re excited to ship Reminiscence Integrity Enforcement: the business’s first ever, complete, always-on memory-safety safety protecting key assault surfaces — together with the kernel and over 70 userland processes — constructed on the Enhanced Reminiscence Tagging Extension (EMTE) and supported by safe typed allocators and tag confidentiality protections.
The strategy is much like what we’ve seen from Microsoft’s introduction of memory integrity security features for Windows 11, in addition to a collection of adjustments which have arrived to stop speculative-execution vulnerabilities like Spectre. Apple’s weblog put up additionally mentions efforts by ARM with the Reminiscence Tagging Extension (MTE) to combat reminiscence bugs, which is supported on Google’s Pixel telephones beginning with the Pixel 8 collection and enabled for supported apps should you activate Superior Safety.
Apple says its implementation goes a step additional, with the power to guard all customers by default and by designing its A19 and A19 Professional chips for enhanced safety, whereas nonetheless including reminiscence security adjustments for older {hardware} that doesn’t help the brand new reminiscence tagging options. The corporate additionally says its new mitigation for Spectre V1 leaks works with “just about zero CPU value” — as efficiency hits have been an issue for reminiscence integrity and other security measures — with all the adjustments making “mercenary spy ware” much more costly to develop.
The oldsters behind the security-focused GrapheneOS mission acknowledged the “main safety enhancements” that can assist iPhone safety in a put up on X, however also said they’d points with the presentation and the way it portrayed iOS safety vs options like MTE, already launched for Android. We’ll study extra about how a lot has modified as soon as these updates attain gadgets and attackers take their flip attempting to crack open the iPhone 17 and iPhone Air’s safety.