"I make that assumption because MIE quite evidently relies on both hardware (the processor), as well as software - and the new iPhones introduce new chips which, logically, will eventually in some form extend to Apple's PCs and tablets. How does MIE work? In brief, the protection relies on both hardware and software with key components including secure typed memory allocators, Enhanced Memory Tagging Extension (EMTE) in synchronous mode, and Tag Confidentiality Enforcement. What are these?"
"Enhanced Memory Tagging Extension is Apple's strengthened version of ARM's Memory Tagging Extension (MTE). It assigns tags to chunks of memory and to every pointer to that memory so that when an app accesses memory the processor can check all the tags line up. If they don't, access is blocked. Tag Confidentiality Enforcement: This keeps those randomized tag values secret and ensures leaked data doesn't include the values assigned to those tags."
"These three technologies work together to block common memory attacks such as buffer overflows and use-after-free memory exploits, even at kernel level. This means that if malware tries to use a block of freed memory or tries a brute force attack or attempts to leak tag values, the tech prevents it. For a deeper dive into how the technology operates I urge you to look at Apple's own guidance."
MIE combines hardware and software protections tied to new Apple chips and processor features to enforce memory safety across devices. Key components include secure typed memory allocators, an Enhanced Memory Tagging Extension (EMTE) operating in synchronous mode, and Tag Confidentiality Enforcement. Secure typed allocators protect memory handling at the hardware/software boundary. EMTE tags memory regions and corresponding pointers so the processor can validate tag alignment at access time and block invalid access. Tag Confidentiality Enforcement conceals randomized tag values to prevent leakage and brute-force attacks. Together these measures block buffer overflows, use-after-free exploits, and other kernel-level memory attacks.
Read at Computerworld
Unable to calculate read time
Collection
[
|
...
]