Apple touts ‘unparalleled’ protection for M5 Macs

Apple touts ‘unparalleled’ protection for M5 Macs

5gDedicated
Yanac

Apple overnight updated the Apple Platform Security guide, its Bible for everyone involved in Apple security. The new edition confirms that M5 Macs now benefit from rock solid protection that should protect them against some of the most sophisticated attacks. 

The guide confirms that Memory Integrity Enforcement (MIE) is now available for M5 Macs, as well as iPhones running A19 chips. First discussed in a blog post last September, MIE will “completely redefine the landscape of memory safety for Apple products,” the company said at the time. “We believe Memory Integrity Enforcement represents the most significant upgrade to memory safety in the history of consumer operating systems.”

Unparalleled, always-on memory safety protection

Last fall, Ivan Krstić, Apple’s head of security engineering and architecture, explained that MIE represents the culmination of half a decade of design and engineering work on Apple’s part. He also said MIE has been successfully tested against some of the most sophisticated mercenary spyware attacks Apple has encountered. 

What this means is that people attempting to attack iPhones and M5 Macs will find it even more challenging than it already is, making it far more expensive and difficult to do so. That’s not to say the prevention is foolproof — there are always new vulnerabilities in any form of protection. But raising the cost of creating these exploits is one way to reduce the number of potential attacks that can be made. 

“MIE is built in to Apple Silicon and offers unparalleled, always-on memory safety protection for key attack surfaces including the kernel, while maintaining the power and performance that users expect,” the updated guide explains. 

The idea behind the technology is that it dramatically constrains an attacker’s ability to exploit memory corruption vulnerabilities on Apple devices, which is a Very Good Thing (VGT)

What else is new in the Apple Platform Security Guide?

MIE isn’t the only security improvement included in the guide. Among other additions, it features new topic sections concerning quantum security, single sign-on (SSO), and satellite communications:

Quantum Security: Another VGT, Apple deployed postquantum cryptographic protection (PQ3) in iMessage in iOS 17.4 and macOS 14.4. This protection against future quantum-based attacks has now been extended in iOS 26, iPadOS 26, macOS 26, tvOS 26, and watchOS 26, including the introduction of CryptoKit, which developers can use to help protect the software they offer on the platforms. 

Platform SSO: This new section explains the different authentication mechanisms now in place for SSO, how they work, and how its systems interact with identity service providers;

Satellite: In addition to describing the core security architecture in place to protect satellite-based communications using Apple’s systems and an iPhone, the company also confirms its use of encryption and pseudonyms to secure those messages.

Apple also expanded a range of existing sections in the document, which ends with the customary set of links and contacts to security bounties and researchers and a table that effectively represents the extent to which the company continues to secure its platforms. Apple has also updated its platform security website.

“For software to be secure, it needs to rest on hardware that has security built in,” the report says. “That’s why Apple devices — with iOS, iPadOS, macOS, tvOS, visionOS, and watchOS — have security capabilities designed into silicon. These capabilities include a CPU that powers system security features, as well as additional silicon that’s dedicated to security functions.” 

This end-to-end approach to security is evident in that Apple’s platforms remain far more inherently secure than rivals’. That’s not everything, of course; no matter how secure the platform happens to be, security can still be undermined by the weakest link in the food chain, which is now and always has been the users of these devices. Apple’s commitment to security should not be seen as a rationale for complacency — though it is good to know the M5 Mac you’re about to upgrade to should be more secure than ever before against surveillance-as-a-service attackers.

You can follow me on social media! Join me on BlueSky,  LinkedIn, and Mastodon.Apple touts ‘unparalleled’ protection for M5 Macs – ComputerworldRead More