The story of Propolice, the OpenBSD stack protector

"#Exclaves land in MacOS

Nobody is really surprised that the MacOS 26.0.1 firmware image of the about-to-be-released MacBook Pro #M5 reveals that Memory Integrity Enforcement (#MIE) on top of the ARM64 Enhanced Memory Tagging Extension (#EMTE) is used. Extremely surprising, however, is that Apple is now shipping the Secure Kernel (#SK) and #ExclaveCore / #ExclaveOS with MacOS. This means Apple's newest security boundary #Exclaves has finally arrived in MacOS."

https://www.linkedin.com/posts/stefan-esser-903582240_exclaves-m5-mie-activity-7384980813031043073-EfhS

#MTE #MemorySafety #ExploitMitigation

I've updated my blog post in light of Apple releasing the M5 iPad Pro with Memory Integrity Enforcement #MIE

# How to Use an iPad as a Secure Calling and Messaging Device

This is the first time in my 10 years of maintaining this article that I stop advising any iPad above the A12 chipset, and now focus on M5. MIE is such a huge platform security improvement that the M5 is currently the only one to consider getting if operational security is your top priority.

https://yawnbox.eu/blog/how-to-use-an-ipad-as-a-secure-calling-and-messaging-device/

#Apple #iPad #iPadPro #iPadProM5 #M5 #MemoryIntegrityEnforcement #PlatformSecurity #ExploitMitigation

Trail of Bits dives deep into Linux's new mseal syscall! 🔒🐧 Learn how this memory sealing feature enhances security by preventing illicit modifications during runtime. A must-read for #cybersecurity enthusiasts and #Linux developers! 🛡️💻 #mseal #ExploitMitigation

🔗 https://blog.trailofbits.com/2024/10/25/a-deep-dive-into-linuxs-new-mseal-syscall/

A deep dive into Linux’s new mseal syscall

If you love exploit mitigations, you may have heard of a new system call named mseal landing into the Linux kernel’s 6.10 release, providing a protection called “memory sealing.” Beyond notes from the authors, very little information about this mitigation exists. In this blog post, we’ll explain what this syscall is, including […]

The Trail of Bits Blog

Pixel's Proactive Approach to Security: Addressing Vulnerabilities in Cellular Modems

Posted by Sherk Chung, Stephan Chen, Pixel team, and Roger Piqueras Jover, Ivan Lozano, Android team

Pixel phones have earned a well-dese...

Google Online Security Blog