{"id":219867,"date":"2025-09-12T03:43:12","date_gmt":"2025-09-12T03:43:12","guid":{"rendered":"https:\/\/www.europesays.com\/us\/219867\/"},"modified":"2025-09-12T03:43:12","modified_gmt":"2025-09-12T03:43:12","slug":"apples-latest-iphone-security-feature-just-made-life-more-difficult-for-spyware-makers","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/us\/219867\/","title":{"rendered":"Apple’s latest iPhone security feature just made life more difficult for spyware makers"},"content":{"rendered":"

Buried in an ocean of flashy novelties announced by Apple<\/a> this week, the tech giant also revealed new security technology for its latest iPhone 17 and iPhone Air devices. This new security technology was made specifically to fight against surveillance vendors and the types of vulnerabilities they rely on the most, according to Apple.<\/p>\n

The feature is called Memory Integrity Enforcement (MIE) and is designed to help stop memory corruption bugs, which are some of the most common vulnerabilities exploited by spyware\u00a0developers and makers of phone forensic devices used by law enforcement.\u00a0<\/p>\n

\u201cKnown mercenary spyware chains used against iOS share a common denominator with those targeting Windows and Android: they exploit memory safety vulnerabilities, which are interchangeable, powerful, and exist throughout the industry,\u201d Apple wrote in its blog post<\/a>.\u00a0<\/p>\n

Cybersecurity experts, including people who make hacking tools and exploits for iPhones, tell TechCrunch that this new security technology could make Apple\u2019s newest iPhones some of the most secure devices on the planet. The result is likely to make life harder for the companies that make spyware and zero-day<\/a> exploits for planting spyware on a target\u2019s phone or extracting data from them.\u00a0<\/p>\n

\u201cThe iPhone 17 is probably now the most secure computing environment on the planet that is still connected to the internet,\u201d a security researcher, who has worked on developing and selling zero-days and other cyber capabilities to the U.S. government for years, told TechCrunch.<\/p>\n

The researcher told TechCrunch that MIE will raise the cost and time to develop their exploits for the latest iPhones, and consequently up their prices for paying customers.<\/p>\n

\u201cThis is a huge deal,\u201d said the researcher, who asked to remain anonymous to discuss sensitive matters. \u201cIt\u2019s not hack proof. But it\u2019s the closest thing we have to hack proof. None of this will ever be 100% perfect. But it raises the stakes the most.\u201d<\/p>\n

\t\t\tContact Us
\n\t\t\tDo you develop spyware or zero-day exploits and are studying studying the potential effects of Apple\u2019s MIE? We would love to learn how this affects you. From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email<\/a>.<\/a> You also can contact TechCrunch via SecureDrop<\/a>.\t\t<\/p>\n

Jiska Classen, a professor and researcher who studies iOS at the Hasso Plattner Institute in Germany, agreed that MIE will raise the cost of developing surveillance technologies. <\/p>\n

Classen said this is because some of the bugs and exploits that spyware companies and researchers have that currently work will stop working once the new iPhones are out and MIE is implemented.\u00a0<\/p>\n

\u201cI could also imagine that for a certain time window some mercenary spyware vendors don\u2019t have working exploits for the iPhone 17,\u201d said Classen.\u00a0<\/p>\n

\u201cThis will make their life arguably infinitely more difficult,\u201d said Patrick Wardle, a researcher who runs a startup<\/a> that makes cybersecurity products specifically for Apple devices. \u201cOf course that is said with the caveat that it\u2019s always a cat-and-mouse game.\u201d<\/p>\n

Wardle said people who are worried about getting hacked with spyware should upgrade to the new iPhones.\u00a0<\/p>\n

The experts TechCrunch spoke to said MIE will reduce the efficacy of both remote hacks, such as those launched with spyware like NSO Group\u2019s Pegasus and Paragon\u2019s Graphite. It will also help to protect against physical device hacks, such as those performed with phone unlocking hardware like Cellebrite or Graykey.\u00a0<\/p>\n

Taking on the \u201cmajority of exploits\u201d<\/p>\n

Most modern devices, including the majority of iPhones today, run software written in programming languages that are prone to memory-related bugs, often called memory overflow or corruption bugs. When triggered, a memory bug can cause the contents of memory from one app to spill into other areas of a user\u2019s device where it shouldn\u2019t go.<\/p>\n

Memory-related bugs can allow malicious hackers to access and control parts of a device\u2019s memory that they shouldn\u2019t be permitted to. The access can be used to plant malicious code that\u2019s capable of gaining broader access to a person\u2019s data stored in the phone\u2019s memory, and exfiltrating it over the phone\u2019s internet connection.<\/p>\n

MIE aims to defend against these kinds of broad memory attacks by vastly reducing the attack surface in which memory vulnerabilities can be exploited.<\/p>\n

According to Halvar Flake, an expert in offensive cybersecurity, memory corruptions \u201care the vast majority of exploits.\u201d\u00a0<\/p>\n

MIE is built on a technology called Memory Tagging Extension<\/a> (MTE), originally developed by chipmaker Arm. In its blog post, Apple said over the past five years it worked with Arm to expand and improve the memory safety features into a product called Enhanced Memory Tagging Extension (EMTE).\u00a0\u00a0<\/p>\n

MIE is Apple\u2019s implementation of this new security technology, which takes advantage of Apple having complete control of its technology stack, from software to hardware, unlike many of its phone-making competitors.<\/p>\n

Google offers MTE<\/a> for some Android devices; the security-focused GrapheneOS, a custom version of Android, also offers MTE<\/a>.\u00a0<\/p>\n

But other experts say Apple\u2019s MIE goes a step further. Flake said the Pixel 8 and GrapheneOS are \u201calmost comparable,\u201d but the new iPhones will be \u201cthe most secure mainstream\u201d devices.<\/p>\n

MIE works by allocating each piece of a newer iPhone\u2019s memory with a secret tag, effectively its own unique password. This means only apps with that secret tag can access the physical memory in the future. If the secret doesn\u2019t match, the security protections kick in and block the request, the app will crash, and the event is logged.<\/p>\n

That crash and log is particularly significant since it\u2019s more likely for spyware and zero-days to trigger a crash, making it easier for Apple and security researchers investigating attacks to spot them.\u00a0<\/p>\n

\u201cA wrong step would lead to a crash and a potentially recoverable artifact for a defender,\u201d said Matthias Frielingsdorf, the vice president of research at iVerify, a company that makes an app to protect smartphones from spyware. \u201cAttackers already had an incentive to avoid memory corruption.\u201d<\/p>\n

Apple did not respond to a request for comment.<\/p>\n

MIE will be on by default system wide, which means it will protect apps like Safari and iMessage, which can be entry points for spyware. But third-party apps will have to implement MIE on their own to improve protections for their users. Apple released a version of EMTE<\/a> for developers to do that.\u00a0<\/p>\n

In other words, MIE is a huge step in the right direction, but it will take some time to see its impact, depending on how many developers implement it and how many people buy new iPhones.\u00a0<\/p>\n

Some attackers will inevitably still find a way.<\/p>\n

\u201cMIE is a good thing and it might even be a big deal. It could significantly raise the cost for attackers and even force some of them out of the market,\u201d said Frielingsdorf. \u201cBut there are going to be plenty of bad actors that can still find success and sustain their business.\u201d<\/p>\n

\u201cAs long as there are buyers there will be sellers,\u201d said Frielingsdorf.<\/p>\n","protected":false},"excerpt":{"rendered":"Buried in an ocean of flashy novelties announced by Apple this week, the tech giant also revealed new…\n","protected":false},"author":3,"featured_media":219868,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17],"tags":[101401,119823,734,119824,59543,13336,2019,2020,611,119825,119826,104644,158,67,132,68,119827],"class_list":{"0":"post-219867","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-mobile","8":"tag-apple-event","9":"tag-cellebrite","10":"tag-cybersecurity","11":"tag-graykey","12":"tag-hackers","13":"tag-hacking","14":"tag-ios","15":"tag-iphone","16":"tag-mobile","17":"tag-nso","18":"tag-nso-group","19":"tag-spyware","20":"tag-technology","21":"tag-united-states","22":"tag-unitedstates","23":"tag-us","24":"tag-zero-days"},"share_on_mastodon":{"url":"https:\/\/pubeurope.com\/@us\/115189265468561199","error":""},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/posts\/219867","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/comments?post=219867"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/posts\/219867\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/media\/219868"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/media?parent=219867"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/categories?post=219867"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/us\/wp-json\/wp\/v2\/tags?post=219867"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}