As I understood it, Memory Integrity Enforcement adds an additional check on heap dereferences (and it doesn’t apply to every process for performance reasons). Why does it crush hacking rather than just adding another incremental roadblock like many other mitigations before?
I'm not certain there is a performance hit since there is dedicated silicon on the chip for it. I believe the checks can also be done async which reduces the performance issues.
It also doesn't matter that it isn't running by default in apps since the processes you really care about are the OS ones. If someone finds an exploit in tiktok, it doesn't matter all that much unless they find a way to elevate to an exploit on an OS process with higher permissions.
MTE (Memory Tagging Extension) is also has a double purpose, it blocks memory exploits as they happen, but it also detects and reports them back to Apple. So even if you have a phone before the 17 series, if any phone with MTE hardware gets hit, the bug is immediately made known to Apple and fixed in code.
Thanks! I wonder how they enforce retention of personal data if a user adds identifying data and they use a model from anthropic or wtv like others said. maybe that is the wrong question at all if they are using their own models but i thought they didn't. Apple's AI strategy on the whole sounds coherent to me but the specifics are super confusing.
Am I the only one who feels like it isn't the responsibility of backbone ISPs to filter traffic like this? In the case of a DDoS situation I could get behind it, but in this case I feel as though it's not Cogent's problem if I want to use telnet from a device on Charter's network to a Vultr VPS, even if it may be ill-advised.
(Of course, the article only speculates that this traffic filtering is what's going on; there isn't any hard proof, but it feels plausible to me.)
In his talk a few days ago, one of the main Asahi developers (Sven) shared that there is someone working on M3 support. There are screenshots of an M3 machine running Linux and playing DOOM at around 31:34 here: https://media.ccc.de/v/39c3-asahi-linux-porting-linux-to-app...
Sounds like the GPU architecture changed significantly with M3. With M4 and M5, the technique for efficiently reverse-engineering drivers using a hypervisor no longer works.
Defendants trying to exclude ALPR evidence often invoke Carpenter v. U.S. (or U.S. v. Jones, but that’s questionable because the majority decision is based on the trespass interpretation of the 4th Amendment rather than the Katz test). Judges have not generally agreed with defendants that ALPR (either the license plate capture itself or the database lookup) resembles the CSLI in Carpenter or the GPS tracker in Jones. A high enough density of Flock cameras may make the Carpenter-like arguments more compelling, though.
Yeah, I don't think capturing your license plate at a light falls afoul of Carpenter, but aggregating timestamped records of your license plate all over town to build a complete picture of your movements probably does.
I’ve benchmarked deleting files (around ~65,000 small node_modules sort of files) and it takes 40 seconds through Explorer, 20 seconds with rd, and roughly a second inside WSL2 (cloned to the VM’s ext4 virtual hard drive).
reply