Amidst the array of new products Apple announced this week, the company also revealed a significant new security technology for its latest iPhone 17 and iPhone Air devices. This technology was specifically developed to combat surveillance vendors and the types of vulnerabilities they most commonly rely on.
The feature is called Memory Integrity Enforcement (MIE). It is designed to help stop memory corruption bugs, which are among the most common vulnerabilities exploited by spyware developers and makers of phone forensic devices used by law enforcement. Known mercenary spyware chains used against iOS share a common trait with those targeting Windows and Android: they exploit memory safety vulnerabilities, which are powerful, interchangeable, and exist throughout the industry.
Cybersecurity experts, including individuals who create hacking tools and exploits for iPhones, state that this new security technology could make Apple’s newest iPhones some of the most secure devices available. The result is likely to make life more difficult for the companies that develop spyware and zero-day exploits for planting spyware on a target’s phone or extracting data from it.
One security researcher who has worked on developing and selling zero-days to the U.S. government for years stated that the iPhone 17 is probably now the most secure computing environment on the planet that is still connected to the internet. The researcher explained that MIE will raise the cost and time required to develop exploits for the latest iPhones, which will consequently increase their prices for paying customers. The researcher called this a huge deal, noting that while it is not hack-proof, it is the closest thing we have to hack-proof. They emphasized that no security is ever one hundred percent perfect, but this raises the stakes significantly.
Jiska Classen, a professor and researcher who studies iOS, agreed that MIE will raise the cost of developing surveillance technologies. Classen said this is because some of the bugs and exploits that currently work for spyware companies and researchers will stop functioning once the new iPhones with MIE are released. Classen also imagined that for a certain time window, some mercenary spyware vendors may not have working exploits for the iPhone 17.
Patrick Wardle, a researcher who runs a startup that makes cybersecurity products for Apple devices, said this will make the life of attackers arguably infinitely more difficult. He added the caveat that it is always a cat and mouse game. Wardle said people who are worried about getting hacked with spyware should upgrade to the new iPhones.
The experts said MIE will reduce the efficacy of both remote hacks, such as those launched with spyware like Pegasus and Graphite, and physical device hacks, such as those performed with phone unlocking hardware like Cellebrite or Graykey.
Most modern devices, including the majority of current iPhones, run software written in programming languages that are prone to memory-related bugs, often called memory overflow or corruption bugs. When triggered, a memory bug can cause the contents of memory from one app to spill into other areas of a user’s device where it should not go. These bugs can allow malicious hackers to access and control parts of a device’s memory that they should not have permission to access, which can be used to plant malicious code to gain broader access to a person’s data.
MIE aims to defend against these kinds of broad memory attacks by vastly reducing the attack surface in which memory vulnerabilities can be exploited. According to experts, memory corruptions represent the vast majority of exploits.
MIE is built on a technology called Memory Tagging Extension (MTE) originally developed by chipmaker Arm. Apple stated that over the past five years it worked with Arm to expand and improve the memory safety features into a product called Enhanced Memory Tagging Extension (EMTE). MIE is Apple’s implementation of this new security technology, which benefits from Apple having complete control of its technology stack from software to hardware.
MIE works by assigning each piece of a newer iPhone’s memory a secret tag, effectively its own unique password. This means only apps with that secret tag can access the physical memory in the future. If the secret does not match, the security protections activate: they block the request, crash the app, and log the event. That crash and log are particularly significant because spyware and zero-days are more likely to trigger a crash, making it easier for Apple and security researchers to spot and investigate attacks.
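The tag check described above can be modelled in a few lines of C. This is an added illustration, not Apple's or Arm's code: it is a simplified software model in which the 16-byte granule and 4-bit tag follow Arm MTE, while the `tptr` type, the function names and the deterministic tag choice are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stddef.h>

#define GRANULE 16                 /* bytes covered by one tag (Arm MTE granule) */
#define NGRAN   64
static uint8_t  heap[GRANULE * NGRAN];
static uint8_t  tags[NGRAN];       /* tag per granule; 0 = never allocated */
static size_t   next_gran;         /* bump-allocator cursor (model only) */
static unsigned fault_log;         /* number of logged tag-check faults */
static uint8_t  last_tag;

typedef struct { size_t off; uint8_t tag; } tptr;   /* models a tagged pointer */

/* Cycle through tags 1..15 so adjacent and recycled memory get different tags.
   Real hardware does not pick tags this predictably; this keeps the demo repeatable. */
static uint8_t fresh_tag(void) { return last_tag = (uint8_t)(last_tag % 15 + 1); }

static tptr tag_alloc(size_t n) {
    size_t g = (n + GRANULE - 1) / GRANULE;
    if (next_gran + g > NGRAN) return (tptr){ sizeof heap, 0 };  /* pool exhausted */
    tptr p = { next_gran * GRANULE, fresh_tag() };
    for (size_t i = 0; i < g; i++) tags[next_gran + i] = p.tag;
    next_gran += g;
    return p;
}

/* Freeing retags the granules, so a stale pointer no longer matches. */
static void tag_free(tptr p, size_t n) {
    uint8_t t = fresh_tag();
    for (size_t i = 0; i < (n + GRANULE - 1) / GRANULE; i++)
        tags[p.off / GRANULE + i] = t;
}

/* Checked store: 0 on success; -1 when the tags differ (write blocked and logged). */
static int tag_store(tptr p, size_t idx, uint8_t v) {
    size_t a = p.off + idx;
    if (a >= sizeof heap || tags[a / GRANULE] != p.tag) {
        fault_log++;
        fprintf(stderr, "tag check fault at heap offset %zu\n", a);
        return -1;
    }
    heap[a] = v;
    return 0;
}

int main(void) {
    tptr a = tag_alloc(16), b = tag_alloc(16);
    printf("in-bounds store:   %d\n", tag_store(a, 0, 0x41));   /* allowed */
    printf("overflow into b:   %d\n", tag_store(a, 16, 0x41));  /* blocked */
    tag_free(b, 16);
    printf("use after free(b): %d\n", tag_store(b, 0, 0x42));   /* blocked */
    printf("faults logged:     %u\n", fault_log);
    return 0;
}
```

In the model, as in the description above, both the linear overflow and the use-after-free are stopped at the first bad access and leave a log entry behind.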
MIE will be on by default system-wide, which means it will protect core apps like Safari and iMessage, which can be entry-points for spyware. However, third-party apps will have to implement MIE on their own to improve protections for their users. Apple has released a version of EMTE for developers to do that.
In other words, MIE is a huge step in the right direction, but it will take time to see its full impact. This depends on how many developers implement it and how many people buy new iPhones. Some attackers will inevitably still find a way. MIE is a good thing and it might even be a big deal. It could significantly raise the cost for attackers and even force some of them out of the market. But there are going to be plenty of bad actors that can still find success and sustain their business. As long as there are buyers there will be sellers.