In some regions exploits are very broadly deployed on the internet, to target people looking for political activism resources. And journalists, lawyers, and politicians are all regularly targeted by mercenary spyware as well.

The exploit chains used by mercenary spyware are also the same as the ones used by commercial spyware and data hacking kits, like Cellebrite and GrayKey. These tools are often in the hands of low-level law enforcement employees or even outside of government, and are regularly abused.

If these threats could cause you significant harm, this may well be a great reason to upgrade your phone.

https://www.jonaharagon.com/posts/memory-integrity-enforcement-changes-the-game-on-ios/

#MemoryIntegrityEnforcement #Apple #MTE #Security #Infosec #Cybersecurity #MemoryTagging #Article

Memory Integrity Enforcement Changes the Game on iOS

The most relevant new feature in iOS 26 for journalists, lawyers, activists, politicians, executives, and other high-profile figures wasn't really advertised to consumers at all. Rather, it was announced in a September 9th post on the Apple Security Research blog. Memory Integrity Enforcement: A complete vision for memory safety in

Jonah Aragon

so @cwtch keeps crashing due to memory tagging errors. is it possible to fix this without having to submit a PR to the project?

if not, are there common things to look for in the source etc that could be patched to fix it?

tagging @sarahjamielewis and @GrapheneOS

#cwtch #grapheneOS #memoryTagging #MTE

We've added documentation for the hardware memory tagging implementation in hardened_malloc:

https://github.com/GrapheneOS/hardened_malloc?tab=readme-ov-file#memory-tagging

GrapheneOS on Pixel 8 / Pixel 8 Pro is the first platform using ARM MTE in production. Stock Pixel OS has it as a hidden development option requiring using ADB.

#GrapheneOS #privacy #security #mte #MemoryTagging #arm

GitHub - GrapheneOS/hardened_malloc: Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based platforms. It will gain more portability/integration over time.


(01 Jan) Memory Tagging Extension

OVERVIEW

Memory Tagging Extension (MTE) is a security architecture feature that works in tandem with modern C++.

DATE
2024-01-01

TIME
1600hrs (UTC+0000).

RSVP is required.

All members of the Ummah are welcome!

#MemoryTagging
#Cplusplus
#SoftwareSecurity
#HardwareSecurity

Pixel 8 providing hardware memory tagging support is a massive security advance for GrapheneOS. This hardware feature only helps if the OS uses it like GrapheneOS, and the security it provides entirely depends on how it's used. We have a great implementation in hardened_malloc.

#GrapheneOS #privacy #security #MemoryTagging #MTE #Pixel8 #Pixel8Pro

GrapheneOS now has hardware memory tagging support in our Stable channel. Memory tagging greatly improves protection against targeted attacks. Thanks to hardware support on the Pixel 8 and Pixel 8 Pro, it's extremely low overhead despite the massive benefits it's able to provide.

#GrapheneOS #security #android #pixel #mte #MemoryTagging

We've been making more progress on hardware memory tagging support for Pixel 8 and Pixel 8 Pro. Our initial hardened_malloc integration has no noticeable overhead in fastest asynchronous mode and the asymmetric mode is lower overhead than legacy mitigations like stack canaries.

#GrapheneOS #security #android #pixel #mte #MemoryTagging

Pixel 8 and Pixel 8 Pro are ARMv9 devices supporting hardware memory tagging. Stock OS currently has a very primitive experimental implementation available as a developer option. We're going to be deploying a more advanced implementation for hardened_malloc in production soon.

#GrapheneOS #security #android #pixel #mte #MemoryTagging

D. Demicco et al., "Generic Tagging for RISC-V Binaries"¹

With the widespread popularity of RISC-V -- an open-source ISA -- custom hardware security solutions targeting specific defense needs are gaining popularity. These solutions often require specialized compilers that can insert metadata (called tags) into the generated binaries, and/or extend the RISC-V ISA with new instructions. Developing such compilers can be a tedious and time-consuming process. In this paper, we present COGENT, a generic instruction tag generator for RISC-V architecture. COGENT is capable of associating a tag of configurable and varying widths (1 to 20 bits) to each instruction. It is also capable of emitting labels that are central to the implementation of control-flow integrity (CFI) solutions. COGENT encodes all tags and labels as nop instructions thereby providing full backward compatibility.
We evaluate COGENT on a subset of programs from the SPEC CPU2017 benchmark suite and report the binary size increase to be 29.3% and 18.27% for the lowest and highest tag coverage levels respectively. Additionally, we executed tagged programs on COTS RISC-V unmodified hardware and found the execution time overhead (with respect to backward compatibility) to be 13.4% and 5.72% for the lowest and highest coverage levels respectively. Finally, using a case study, we present possible use case scenarios where COGENT can be applied.

#RISC-V #MemoryTagging #arXiv #ResearchPapers
__
¹ https://arxiv.org/abs/2212.05614

Future processors will bring features for tagging RAM address ranges, to make attacks such as Return Oriented Programming (ROP) harder.
Intel plans Memory Tagging malware protection
#CET #Control-flowEnforcementTechnology #MemoryTagging #PAC #PointerAuthenticationCode #ROP #ReturnOrientedProgramming #Sicherheit