Huge 
from Apple available with new A19 chips.
Sadly they seem to only enable it on select components, not globally like GrapheneOS does with MTE, but appears to be a more robust implementation.
8 Likes
so not even the A18 gets chips get that? what a shame
cool yes but come on.
MTE requires hardware support.
I thought MTE was standard in ArmV9.
Still no reason not to have it in the A18 Considering the only modern and widely available budget option from Apple currently is the 16e, otherwise you’re leaving users shelling out 800 dollars for this, when they could shell out less (600 to be precise) and still get MIE (or Apple MTE) instead
Can someone please ELI5 as to what this is exactly? I don’t want to misunderstand.
Memory safety bugs make up a substantial amount of all security issues, technology like MTE with integration via eg. memory allocators can largely mitigate them entirely.
So a big win for iOS security? Got it. Thanks! Glad to see Apple continuing to innovate here.
Android originally supported MTE as a developer an opt-in for apps, and later enabled it more so when Advanced Protection was enabled.
GrapheneOS has made more substantial use of MTE support for the Linux kernel, the default system components, Vanadium, and user opt-in for user apps since the Pixel 8.
While Apple’s implementation does appear more robust with regards to tag security and likely performance, it is largely the same underlying tech.
Apple also appears to be using it in the stricter synchronous mode whereas GrapheneOS uses it in the synchronous mode for the kernel and the asymmetric mode (sync for read, async for write) for userspace.
But again it seems Apple is very selectively enabling it for performance compared to how much GrapheneOS utilizes it. Hopefully Apple will enable it more widely when eg. Lockdown mode is enabled.
5 Likes
TIL. Good to know. Thanks for the context and info!
Do Pixels not use the last version of MTE (EMTE)?
No, EMTE is the latest 4th revision, Tensor uses the 3rd revision afaict.
1 Like
If you want even more context see here
3 Likes