It’s much less noticeable than a thinner profile or trick digicam lenses, however Apple is pointing out another upgrade within the iPhone 17 household of telephones that it says is a part of “probably the most vital improve to reminiscence security within the historical past of shopper working programs.” Explicitly focusing on the adware trade that produces exploits for instruments like Pegasus to hack on focused gadgets, a collection of modifications in Apple’s chips, OS, and growth instruments are a part of what it calls Reminiscence Integrity Enforcement (MIE).
With the introduction of the iPhone 17 lineup and iPhone Air, we’re excited to ship Reminiscence Integrity Enforcement: the trade’s first ever, complete, always-on memory-safety safety overlaying key assault surfaces — together with the kernel and over 70 userland processes — constructed on the Enhanced Reminiscence Tagging Extension (EMTE) and supported by safe typed allocators and tag confidentiality protections.
The method is much like what we’ve seen from Microsoft’s introduction of memory integrity security features for Windows 11, in addition to a collection of modifications which have arrived to forestall speculative-execution vulnerabilities like Spectre. Apple’s weblog publish additionally mentions efforts by ARM with the Reminiscence Tagging Extension (MTE) to battle reminiscence bugs, which is supported on Google’s Pixel telephones beginning with the Pixel 8 collection and enabled for supported apps when you activate Superior Safety.
Apple says its implementation goes a step additional, with the power to guard all customers by default and by designing its A19 and A19 Professional chips for enhanced safety, whereas nonetheless including reminiscence security modifications for older {hardware} that doesn’t assist the brand new reminiscence tagging options. The corporate additionally says its new mitigation for Spectre V1 leaks works with “just about zero CPU price” — as efficiency hits have been a problem for reminiscence integrity and different security measures — with the entire modifications making “mercenary adware” much more costly to develop.
The oldsters behind the security-focused GrapheneOS undertaking acknowledged the “main safety enhancements” that may assist iPhone safety in a publish on X, however also said that they had points with the presentation and the way it portrayed iOS safety vs options like MTE, already launched for Android. We’ll be taught extra about how a lot has modified as soon as these updates attain gadgets and attackers take their flip attempting to crack open the iPhone 17 and iPhone Air’s safety.