你可能会喜欢
I have often stated that well-implemented memory tagging will be a game changer for memory corruptions. And it seems that with the next iPhone it's finally here: security.apple.com/blog/memory-in…
Amazing work! I’m surprised to see Apple managed to get synchronous tag checking in production. I wouldn’t have bet on that given the performance constraints. Getting the sign off to get so much security-specific silicon is also a huge accomplishment.
🔺iPhone models announced today include Memory Integrity Enforcement, the culmination of an unprecedented design and engineering effort that we believe represents the most significant upgrade to memory safety in the history of consumer operating systems. security.apple.com/blog/memory-in…
There have been various debates about how to improve memory safety with some advocating for rewriting all critical software in newer programming languages. I believed that would take too long and updating CPUs, lang runtimes, and compilers ships faster:👇 security.apple.com/blog/memory-in…
Congrats to everyone at SEAR for this; this is a crazy announcement. security.apple.com/blog/memory-in…
Congratulations to the Apple team! I'm proud to have contributed to the inception of MTE in 2017. Hopefully, other vendors will catch up.
🔺iPhone models announced today include Memory Integrity Enforcement, the culmination of an unprecedented design and engineering effort that we believe represents the most significant upgrade to memory safety in the history of consumer operating systems. security.apple.com/blog/memory-in…
Ugh apple might make me buy an M5 max mac Am on a maxed out M4 Max machine but sync MTE always-on is just too great. And tensor cores on the GPU is just the cherry on top And sad thing I knew that MTE was coming when I got my M4...
🔺iPhone models announced today include Memory Integrity Enforcement, the culmination of an unprecedented design and engineering effort that we believe represents the most significant upgrade to memory safety in the history of consumer operating systems. security.apple.com/blog/memory-in…
2026 Apple Security Research Device Application is now live. Apply at security.apple.com/research-devic…! * Arbitrary code with arbitrary entitlements * Arbitrary code injection into existing processes * Arbitrary SPTM, TXM, KernelCache firmwares * Downgrades to old builds * ...and more
My position on the "doomsday" risk of superhuman AGI is that if IQ offered you a decisive advantage, the world would be run by nerds. I think it's essentially a geek power fantasy. The returns on puzzle-solving skills rapidly diminish past some modest threshold.
In 2020, I solved a gnarly reverse engineering challenge in PlaidCTF. Only 9 teams solved. It's a huge pile of Typescript. Everything is named after a fish. The catch? There's no code, only types. How do they perform computation using just the type system? (Spoiler: Circuits!)
I’d lowkey throw a few big classic movie scenes through this and then play them at a trivia
INTRODUCING: pxl-srt It sorts pixels in an image by color (i implemented and deployed this 20min after seeing this tweet)
saw someone on here say that i make five figures a month off twitter. buddy, ELON MUSK doesn't even make five figures a month off twitter
This is a good time to point out how cybersecurity has become a business of transferring accountability to third parties (you don't buy security, you buy someone to blame when it all goes down). But it's largely symbolic since nobody is liable, and this might even be a feature.
Why did past societies build so much "useless" beauty everywhere — and why did we stop? It might be a measure of a culture's health... (thread) 🧵
"UBSan can check this" is not a security position.
Oh that’s your so-called experts. Never meet your heroes! But go listen to Halvar, even if he stays away 10 years.
Kinda weird to prep a keynote related to security when I've been very diligently not paying a lot of attention in the last 5 years.
I will, unfortunately, have to disappoint you: C is a High Level Language that compiles to an Semantically-Constrained, Nondeterministic, Abstract Virtual Machine (SCNAVM) that is then projected and modeled onto ${TARGET_PLATFORM}.
Kinda weird to prep a keynote related to security when I've been very diligently not paying a lot of attention in the last 5 years.
Nobody is talking about this, but Mark Zuckerberg recently made a video commenting on Apple Vision Pro. I’m thinking about uploading it here so I’m the first person to do so today.
At its most reductive, DTrace can be thought of as dynamic print statements for code that one didn't write -- and it is in fact great for debugging systems
Print statements are great for debugging code, and shit for debugging systems.
United States 趋势
- 1. Baker 32.4K posts
- 2. #WWERaw 44.2K posts
- 3. Gibbs 20.9K posts
- 4. Lions 80.7K posts
- 5. Mike Evans 10.1K posts
- 6. Bucs 19.4K posts
- 7. #OnePride 7,881 posts
- 8. White House 251K posts
- 9. Tez Johnson 3,112 posts
- 10. Dan Campbell 1,977 posts
- 11. Goff 8,257 posts
- 12. Dragon Lee 7,049 posts
- 13. Texans 19.2K posts
- 14. Seahawks 18.4K posts
- 15. Kelvin Sheppard N/A
- 16. #TBvsDET 5,216 posts
- 17. Jameson Williams 1,563 posts
- 18. #LaCasaDeAlofoke2 6,443 posts
- 19. Josh Naylor 3,287 posts
- 20. #ALCS 7,994 posts
你可能会喜欢
-
Piotr Bania
@PiotrBania -
Brad Spengler
@spendergrsec -
PaX Team
@paxteam -
grsecurity
@grsecurity -
Julien Vanegue
@jvanegue -
argp
@_argp -
Kostya Kortchinsky
@crypt0ad -
chrisrohlf
@chrisrohlf -
Markus Vervier
@marver -
Solar Designer
@solardiz -
Mathias Krause | @[email protected]
@_minipli -
Vincenzo Iozzo
@_snagg -
Sean Heelan
@seanhn -
Michael Coppola
@mncoppola -
Sonar Research
@Sonar_Research
Something went wrong.
Something went wrong.