@saidmgani.bsky.social
twitter.com/saidmgani

Memory Integrity Enforcement (MIE) is the culmination of an unprecedented design and engineering effort spanning half a decade that combines the unique strengths of Apple silicon hardware with our advanced operating system security to provide industry-first, always-on memory safety protection across our devices — without compromising our best-in-class device performance. We believe Memory Integrity Enforcement represents the most significant upgrade to memory safety in the history of consumer operating systems.
NEW: Apple launched a new security feature specifically to fight against spyware and zero-day exploit makers.
We spoke to a researcher who sells zero-days to the U.S. government, who thinks this will make their life much harder and raise the cost of developing and selling hacking tools for iPhones.
“It’s not hack proof. But it’s the closest thing we have to hack proof. None of this will ever be 100% perfect. But it raises the stakes the most,” the researcher said.
Other cybersecurity experts agreed that this is a big deal, and can have a significant impact in making the new iPhones the most secure devices on the planet.
Apple launched a new security feature for iPhone 17 and iPhone Air designed to reduce the effect of memory corruption bugs, and in turn make it more difficult for spyware and zero-days to hack into iPhones.
It's definitely been an exceptional 5 years, filled with humbling lessons, insurmountable looking challenges, and working with extremely talented people.
Doing it end to end from the first to the last bit has been a privilege, and the highlight of my 20y in the industry.
Memory Integrity Enforcement is the culmination of a truly incredible amount of work :)
While there's so much to love, one of my favorite pieces was getting to bring kalloc_type-style isolation to out-of-bounds accesses on both the architectural and speculative path. This lets us both mitigate a variety of Spectre v1 style attacks and break the reliable exploitation of some of the most powerful first-order memory corruption primitives (arb offset OOB R/W).
https://security.apple.com/blog/memory-integrity-enforcement/

I’ve been waiting a long time to see this out in the open.
Memory Integrity Enforcement delivers the strongest memory safety mitigations in the industry—by far. It sets a new standard for device security.
@shac posted a nice story a while ago, about the first 64-bit ARM architecture: over 12 years ago, Apple launched the iPhone 5s and introduced the ARM64 CPU. It was the first public disclosure of a 64-bit ARM architecture. No one else was even close to having a chip ready to tape out, let alone ship in a product—and the performance was a Frankenstein.
But what is often overlooked is the execution. When iOS shipped, it was a full 64-bit native release. There was no 32-bit code in the OS image (beyond the components required to support 32-bit third-party apps). Everything was aligned to the new architecture, including complex subsystems like the Safari JavaScript engine. Everything was ready on day one.
**This level of execution is something only Apple can deliver.**
And today, we see the same capabilities applied to security.
I’m deeply grateful to have been part of the exceptional team that worked tirelessly to make this happen.

https://developer.apple.com/documentation/Xcode/enabling-enhanced-security-for-your-app
A lot of effort here, folks. Use this wisely 😊