    Memory Integrity Enforcement

    (security.apple.com)
    461 points circuit | 12 comments
    1. gjsman-1000 ◴[] No.45187272[source]
    I think hackers are not ready for the idea that unhackable hardware might actually be here. Hardware that will never have an exploit found someday, never be jailbroken, never have piracy, outside of maybe nation-state attacks.

    Xbox One, 2012? Never hacked.

    Nintendo Switch 2, 2025? According to reverse engineers... flawlessly secure microkernel and secure monitor built over the Switch 1 generation. Meanwhile NVIDIA's boot code is formally verified this time, written in the same language (ADA SPARK) used for nuclear reactors and airplanes, on a custom RISC-V chip.

    iPhone? iOS 17 and 18 have never been jailbroken; now we introduce MIE.

    replies(8): >>45187602 #>>45187884 #>>45188108 #>>45188283 #>>45188320 #>>45188444 #>>45190700 #>>45198883 #
    2. Avamander ◴[] No.45187602[source]
    Saying "never" is too bold. But it's definitely getting immensely difficult.

    There are still plenty of other flaws besides memory unsafety to exploit. I doubt that we'll see like a formally proven mainstream OS for a long time.

    replies(2): >>45188208 #>>45191178 #
    3. jgalt212 ◴[] No.45187884[source]
    > iPhone? iOS 17 and 18 have never been jailbroken; now we introduce MIE.

    So far as you know. There's a reason they call them zero-day vulnerabilities.

    4. zb3 ◴[] No.45188108[source]
    Israeli companies and agencies will surely find a way.. even if software/hardware might really be unhackable, it seems people will never be..
    5. wbl ◴[] No.45188208[source]
    Those flaws get harder the more restricted devices are.
    replies(1): >>45189870 #
    6. landr0id ◴[] No.45188283[source]
    > Xbox One, 2012? Never hacked.

    Not publicly :)

    7. bri3d ◴[] No.45188320[source]
    I would deeply, strongly caution against using public exploit availability as any evidence of security. It’s a bad idea, because hundreds of market factors and random blind luck affect public exploitability more than the difficulty of developing an exploit chain.

    Apple are definitely doing the best job that any firm ever has when it comes to mitigation, by a wide margin. Yet, we still see CVEs drop that are marked as used in the wild in exploit chains, so we know someone is still at it and still succeeding.

    When it comes to the Xbox One, it’s an admirable job, in no small part because many of the brightest exploit developers from the Xbox 360 scene were employed to design and build the Xbox One security model. But even still, it’s still got little rips at the seams even in public: https://xboxoneresearch.github.io/games/2024/05/15/xbox-dump...

    8. ls612 ◴[] No.45188444[source]
    As the ability to make remote-controlled hardware unhackable increases, the power asymmetry between those who can create such hardware and the masses who cannot will drastically increase. I leave it as an exercise for the audience as to what the equilibrium implications are for the common man, especially in western countries where the prior equilibrium was quite different.
    9. bigyabai ◴[] No.45189870{3}[source]
    Depends. If "restriction" means "complexity" then you may end up with scenarios like the BlastDoor vulns (e.g. FORCEDENTRY).
    10. heavyset_go ◴[] No.45190700[source]
    I think the nature of the scene changed and exploits and jailbreaks are kept to small groups, individuals or are sold.

    For example, I might know of an unrelated exploit I'm sitting on because I don't want it fixed and so far it hasn't been.

    I think the climate has become one of those "don't correct your adversary when they make mistakes" types of things versus an older culture of release clout.

    11. MBCook ◴[] No.45191178[source]
    True. But if developing an exploit takes 15 years and the average life of the device is five, then to some degree that is effectively perfect.
    12. orbital-decay ◴[] No.45198883[source]
    Unhackable and backdoored. Operation Triangulation would have been impossible without Apple backdooring their own hardware.