Buried in a sea of flashy novelties unveiled by Apple this week, Tech Giant has also revealed new security technologies for the latest iPhone 17 and iPhone Air Devices. According to Apple, the new security technology was specially created to combat the types of vulnerabilities that dependent on surveillance vendors most.
This feature is called Memory Integrity Enforcement (MIE) and is designed to help stop memory corruption bugs. This is some of the most common vulnerabilities exploited by manufacturers of telephone law devices used by SPYware developers and law enforcement agencies.
“The known merctic spyware chains used against iOS share a common denominator with those targeted at Windows and Android. They are compatible, powerful, and exploiting industry-wide memory safety vulnerabilities,” Apple wrote in a blog post.
Cybersecurity experts are telling TechCrunch that this new security technology, including people who create hacking tools and exploit iPhones, can make Apple's latest iPhones some of the safest devices on the planet. As a result, it can make life difficult for companies that manufacture spyware and zero-day exploits to plant spyware on target phones or extract data from them.
“The iPhone 17 is probably the safest computing environment on the planet that is still connected to the internet,” a security researcher who has been working on selling and selling zero-day and other cyber features to the US government for many years, told TechCrunch.
Researchers told TechCrunch that Mie will increase the cost and time it takes to develop the latest iPhone exploits, thus increasing the price of customer payments.
“This is a big deal,” the researcher said. “It's not a hacking proof. But it's the closest we have to hack the proof. This isn't 100% perfect.
Please contact us. Are you developing spyware and zero-day exploits to study the potential impact of Apple's MIE? I'd like to know how this will affect you. From non-work devices, you can safely contact Lorenzo Franceschi-Bicchierai with a signal of +1 917 257 1382, via Telegram and Keybase @lorenzofb, or send an email. You can also contact TechCrunch via SecureDrop.
Jiska Classen, a professor and researcher studying iOS at the Hassoplatner Institute in Germany, agreed that Mie would increase the cost of developing surveillance technology.
Classen said this is part of a bug and exploit that stops working now, once a new iPhone is released and MIE is implemented, it is part of a bug and exploit that stops working now.
“We could also imagine that in certain time windows the iPhone 17 exploits were not working for Mercenary Spyware vendors,” Classen said.
“This will definitely make their lives infinitely difficult,” says Patrick Wardle, a researcher who runs a startup that manufactures cybersecurity products exclusively for Apple devices. “Of course, it's been said with warning that it's always a cat and mouse game.”
Wardle said anyone worried about being hacked with spyware should upgrade to a new iPhone.
Experts TechCrunch said MIE would reduce the effectiveness of both remote hacking, including those launched in spyware such as NSO Group's Pegasus and Paragon's graphite. It also helps protect against hacks of physical devices, such as those run on phones that unlock hardware such as Cellebrite and Graykey.
Take on the “majority of exploits”
Most modern devices, including most of today's iPhones, run software written in programming languages that are prone to memory-related bugs. When triggered, a memory bug may cause memory content from one app and not leak to other areas of the user's device.
Memory-related bugs allow malicious hackers to access and control parts of memory of devices that should not be allowed. This access can be used to plant malicious code that can gain broader access to person's data stored in cell phone memory, and can be ruled out on the phone's internet connection.
Mie aims to protect against these types of widespread memory attacks by significantly reducing the attack surface that can exploit memory vulnerabilities.
According to offensive cybersecurity expert Halvar Flake, memory corruption is “a large part of exploitation.”
Mie is built on a technology called Memory Tagging Extension (MTE), originally developed by Chipmaker Arm. In a blog post, Apple said it has worked with ARM for the past five years to expand and improve memory safety features to a product called Enhanced Memory Tagging Extension (EMTE).
Mie utilizes Apple, which has full control over the technology stack, from software to hardware, unlike many phone manufacturing competitors, as Apple implements this new security technology.
Google offers MTE for some Android devices. Security-centric Grapheneos, a custom version of Android, also offers MTE.
However, other experts say Apple's Mie is taking it a step further. Flake said Pixel 8 and Graphenos are “almost equivalent,” but the new iPhone will become the “safeest mainstream” device.
Mie works by assigning each piece of memory on your new iPhone with a secret tag. This means that only apps with that secret tag will be able to access physical memory in the future. If the secrets do not match, if Security initiates a request and blocks it, the app will crash and logs the event.
That crash and logging is especially important as spyware and zero-days are likely to cause crashes. It is likely that Apple and security researchers will be able to investigate attacks.
“The wrong steps lead to crashes and potentially recoverable artifacts for defenders,” said Matthias Frielingsdorf, vice president of research at Iverify, which manufactures apps that protect smartphones from spyware. “The attackers already had an incentive to avoid corruption in their memories.”
Apple did not respond to requests for comment.
Mie is system wide by default. This means protecting apps like Safari and Imessage. This will be the entry point for spyware. However, third-party apps need to implement MIE on their own to improve user protection. Apple has released a version of EMTE for developers to do that.
In other words, MIE is a big step in the right direction, but it takes time to see the impact depending on how many developers implement it and how many people buy a new iPhone.
Some attackers will inevitably still find a way.
“Mie is a good thing, and it could even be a big deal. It can significantly increase the cost of attackers and even drive some of them out of the market,” Frielingsdorf said. “But there are still many bad actors who can find success and keep the business going.”
“As long as there are buyers, there will be sellers,” Frielingsdorf said.