←back to thread

Memory Integrity Enforcement

(security.apple.com)
458 points circuit | 1 comments | 09 Sep 25 18:25 UTC | HN request time: 0.202s | source
Show context
randyrand ◴[09 Sep 25 21:33 UTC] No.45189525[source]
> There has never been a successful, widespread malware attack against iPhone. The only system-level iOS attacks we observe in the wild come from mercenary spyware ... to target a very small number of specific individuals and their devices. Although the vast majority of users will never be targeted in this way..

Correct me if I'm wrong, but the spyware that has been developed certainly could be applied at scale at the push of a button with basic modification. They just have chosen not to at this time. I feel like this paragraph is drawing a bigger distinction than actually exists.

replies(5): >>45189743 #>>45189878 #>>45190353 #>>45193310 #>>45195568 #
saagarjha ◴[09 Sep 25 22:38 UTC] No.45190353[source]
It's mainly there as a swipe at Android. I don't think it really relates to the rest of the article (and, with no insight but with my conspiracy theory hat on, was included to peddle the merits of their App Store model).
replies(1): >>45190988 #
MBCook ◴[09 Sep 25 23:32 UTC] No.45190988[source]
Even without going conspiracy theory it fits very well as a simple marketing message. “We try hard at security and we do a good job of it. Here’s our newest tool.”

Personally I didn’t read it as a swipe against Android. If it was I don’t personally know what attack(s) it’s referring to outside of the possibility of malware installed by the vendor.

But if it’s installed by the vendor, they can really do anything can’t they. That’s not really a security breach. Just trust.

replies(1): >>45194455 #
1. saagarjha ◴[10 Sep 25 07:37 UTC] No.45194455[source]
It's aligned with their previous statements they've made about Android. It doesn't really fit here because the mitigation described is not really protecting users from widespread malware attacks.