
286 points joegibbs | 1 comment
dcow No.42144029
Why not just go all the way and separate the program instruction memory from the data memory, physically? I know there’s an approximation of this at the page level, but why even let the kernel modify its own memory in the first place? A memory unit that only loads signed pages, etc.
replies(3): >>42144066 >>42144559 >>42145502
pdpi No.42144066
What you're asking for is a Harvard architecture computer (as opposed to a von Neumann architecture). There are tradeoffs involved.

Two things to keep in mind are that JITs are damn useful pieces of tech, so losing them is a pretty damn hefty price to pay for that separation, and interpreters will still treat your data memory as program instruction memory, which limits the benefit.

replies(1): >>42156764
dcow No.42156764
I know. My question is rhetorical. In a world where the only way to secure a VN machine is to reboot it every X seconds, at what point is reboot frequency so high that you might as well accept slower interpreters if it means you don’t have to reboot all the time? Or you run the kernel under a hypervisor and control the page security that way. JIT becomes a heavily scrutinized process between the kernel and hypervisor. JITed code is only ever executed in a clean address space. Etc. All the things browsers and kernels do poorly today.
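An added example, not from this thread or from any of the posters, of the "approximation at the page level" dcow mentions and of the discipline a JIT has to follow on a von Neumann machine (pdpi's point). It allocates a page read+write, emits a tiny "return 42" function into it, flips the page to read+execute with mprotect, calls it, and then shows that a later write to the now-executable page faults rather than silently patching live code. The page is never writable and executable at the same time (W^X). It assumes Linux or macOS on x86-64 or AArch64; the function names (emit_return_42, run_wx_demo, write_to_rx_page_faults) and the constructed machine-code bytes are mine.

```c
// Added example (not from the thread): W^X as the page-level stand-in for a
// Harvard split. Data becomes code only through an explicit RW -> RX flip,
// and code can no longer be written once it is executable.
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

static sigjmp_buf fault_jmp;
static volatile sig_atomic_t fault_seen;

/* Fault handler: record the fault and jump back out of the faulting write. */
static void on_fault(int sig) {
    (void)sig;
    fault_seen = 1;
    siglongjmp(fault_jmp, 1);
}

/* Constructed machine code for "return 42" on the host architecture.
   Returns the number of bytes written. */
static size_t emit_return_42(uint8_t *dst) {
#if defined(__x86_64__)
    static const uint8_t code[] = { 0xb8, 0x2a, 0x00, 0x00, 0x00, 0xc3 }; /* mov eax,42 ; ret */
#elif defined(__aarch64__)
    static const uint8_t code[] = { 0x40, 0x05, 0x80, 0xd2,               /* mov w0,#42 */
                                    0xc0, 0x03, 0x5f, 0xd6 };             /* ret        */
#else
#error "unsupported architecture for this example"
#endif
    memcpy(dst, code, sizeof code);
    return sizeof code;
}

/* Allocate a RW page, write code into it, flip to RX, call it.
   Returns the callee's result (42) or -1 on failure. Never RWX. */
int run_wx_demo(void) {
    long pg = sysconf(_SC_PAGESIZE);
    uint8_t *page = mmap(NULL, (size_t)pg, PROT_READ | PROT_WRITE,
                         MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED) return -1;
    size_t n = emit_return_42(page);
    __builtin___clear_cache((char *)page, (char *)page + n); /* required on AArch64 */
    if (mprotect(page, (size_t)pg, PROT_READ | PROT_EXEC) != 0) {
        munmap(page, (size_t)pg);
        return -1;
    }
    int (*fn)(void);
    memcpy(&fn, &page, sizeof fn);   /* data pointer -> function pointer, after the RX flip only */
    int r = fn();
    munmap(page, (size_t)pg);
    return r;
}

/* The other half of the rule: once executable, the page is not writable, so a
   stray (or hostile) write faults instead of changing code. Returns 1 if the
   write faulted, 0 if it silently succeeded, -1 on setup failure. */
int write_to_rx_page_faults(void) {
    long pg = sysconf(_SC_PAGESIZE);
    uint8_t *page = mmap(NULL, (size_t)pg, PROT_READ | PROT_WRITE,
                         MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED) return -1;
    emit_return_42(page);
    if (mprotect(page, (size_t)pg, PROT_READ | PROT_EXEC) != 0) {
        munmap(page, (size_t)pg);
        return -1;
    }
    struct sigaction sa, old_segv, old_bus;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);    /* macOS reports the protection fault as SIGBUS */

    fault_seen = 0;
    if (sigsetjmp(fault_jmp, 1) == 0) {
        ((volatile uint8_t *)page)[0] = 0x90;   /* attempt to patch live code */
    }
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    munmap(page, (size_t)pg);
    return (int)fault_seen;
}

int main(void) {
    printf("code on RX page returned %d\n", run_wx_demo());
    printf("write to RX page faulted: %d\n", write_to_rx_page_faults());
    return 0;
}
```

The point of the two functions together is the one the thread circles around: on this hardware the instruction/data split is a property of page permissions, not of the memory itself, so it holds only as long as every RW -> RX transition is an explicit, reviewable step and nothing ever maps a page RWX. That is exactly the step a JIT performs and that a hypervisor or kernel policy can scrutinize or forbid.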