Get the latest tech news
Apple Claims 'Most Significant Upgrade to Memory Safety' in OS History
"There has never been a successful, widespread malware attack against iPhone," notes Apple's security blog, pointing out that "The only system-level iOS attacks we observe in the wild come from mercenary spyware... historically associated with state actors and [using] exploit chains that cost millio...
Known mercenary spyware chains used against iOS share a common denominator with those targeting Windows and Android: they exploit memory safety vulnerabilities, which are interchangeable, powerful, and exist throughout the industry... For Apple, improving memory safety is a broad effort that includes developing with safe languages and deploying mitigations at scale... More importantly, our analysis showed that while EMTE had great potential as specified, a rigorous implementation with deep hardware and operating system support could be a breakthrough that produces an extraordinary new security mechanism.... Based on our evaluations pitting Memory Integrity Enforcement against exceptionally sophisticated mercenary spyware attacks from the last three years, we believe MIE will make exploit chains significantly more expensive and difficult to develop and maintain, disrupt many of the most effective exploitation techniques from the last 25 years, and completely redefine the landscape of memory safety for Apple products.
Or read this on Slashdot
