The Apple Silicon A19 chips powering the new iPhones come with new defensive memory safety hardware, aimed at protecting users and their apps against attacks from highly sophisticated "mercenary spyware" and surveillance.

A recent, targeted attack chain that used flaws in Meta's WhatsApp and Apple's operating systems is an example of memory corruption bugs being exploited to deliver mercenary spyware, which Apple's Security Engineering and Architecture (SEAR) said costs millions.
In comparison, SEAR said there has never been a successful, widespread malware attack against the iPhone, with only highly targeted spyware deployments being used to break into Apple's iOS.
Known as Memory Integrity Enforcement or MIE, the new security technology is the culmination of five years' effort.
In a technical blog post, SEAR detailed the new technology, which it said will make memory corruption exploits much more expensive and difficult to develop and maintain.
It builds on prior work by Apple, which in 2018 deployed Pointer Authentication Codes (PAC) in the A12 Bionic chip to make it harder to overwrite or forge pointers to memory addresses, and on chip designer Arm's Memory Tagging Extension (MTE) feature from 2019, which safeguards memory allocations.
MTE, however, came with weaknesses, and the technology was further developed into Enhanced MTE by Apple and Arm in 2022.
EMTE had "great potential", SEAR said, when implemented with deep hardware and operating system support, to produce an extraordinary new security mechanism.
Apple's MIE is built into all iPhone 17 and Air models at the hardware and software level, using secure memory allocators and EMTE in synchronous (SYNC) mode only.
The A19 chip dedicates additional silicon area to memory for tag storage.
What SYNC mode means is that if the processor sees a memory tag mismatch between a pointer and the location it points to, execution is halted immediately and the program crashes.
This was the only way forward for Apple, which believes an asynchronous (ASYNC) mode, in which tag mismatches don't result in immediate process halts and only exceptions are raised, leaves a window of opportunity for attackers to exploit before being detected.
The flipside of SYNC versus ASYNC mode is that the former method of instant error catching has a greater performance impact while providing better security.
SEAR said Apple is able to provide always-on memory safety protection while preserving high performance, using SYNC mode.
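The difference between the two modes can be shown with a small software model, added here as an illustration and not taken from Apple's or Arm's code. It assumes MTE-style 16-byte granules with 4-bit tags held in pointer bits 56-59, and the helpers `tagged_alloc`, `store` and `overflow_demo` are hypothetical names.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Simplified software model of Arm MTE-style tagging. Assumed parameters:
   16-byte granules, 4-bit tags carried in pointer bits 56-59. */
#define GRANULE 16
#define HEAP_SZ 256
enum mode { SYNC, ASYNC };
static uint8_t heap[HEAP_SZ];
static uint8_t tags[HEAP_SZ / GRANULE]; /* tag storage: one tag per granule */
static int pending_fault;               /* ASYNC: mismatch seen, not yet acted on */

/* Tag the granules of an allocation; return a "pointer" with the same tag. */
static uint64_t tagged_alloc(size_t off, size_t len, uint8_t tag) {
    for (size_t g = off / GRANULE; g < (off + len + GRANULE - 1) / GRANULE; g++)
        tags[g] = tag & 0xF;
    return ((uint64_t)(tag & 0xF) << 56) | off;
}

/* Checked store. Returns 1 if the byte was written, 0 if it was blocked. */
static int store(uint64_t ptr, size_t idx, uint8_t val, enum mode m) {
    size_t addr = (size_t)(ptr & 0x00FFFFFFFFFFFFFFull) + idx;
    uint8_t ptag = (uint8_t)((ptr >> 56) & 0xF);
    if (addr >= HEAP_SZ) return 0;
    if (tags[addr / GRANULE] != ptag) {
        if (m == SYNC) return 0; /* fault raised before the write lands */
        pending_fault = 1;       /* ASYNC: note the mismatch, keep executing */
    }
    heap[addr] = val;
    return 1;
}

/* Off-by-one write past a (tag 3) into neighbour b (tag 9); returns b[0]. */
static uint8_t overflow_demo(enum mode m) {
    pending_fault = 0;
    uint64_t a = tagged_alloc(0, 16, 0x3);
    uint64_t b = tagged_alloc(16, 16, 0x9);
    store(b, 0, 0x42, m);                 /* sentinel value in the neighbour */
    for (size_t i = 0; i <= 16; i++)      /* one byte too many */
        if (!store(a, i, 0xAA, m)) break; /* SYNC: the process would die here */
    return heap[16];
}

int main(void) {
    int s = overflow_demo(SYNC), a = overflow_demo(ASYNC);
    printf("SYNC b[0]=0x%02X, ASYNC b[0]=0x%02X (fault pending=%d)\n", s, a, pending_fault);
    return 0;
}
```

In the SYNC run the neighbouring buffer keeps its sentinel value; in the ASYNC run it is already overwritten by the time the pending fault is acted on.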
MIE also protects against the Spectre V1 speculative execution bug in processors, with virtually no performance hit.
Apple's offensive research team, which identified where and how attackers are most likely to break into systems, helped guide the MIE work, SEAR said.
"This includes making sure that this powerful new protection is available to third-party apps that are likely entry points for attackers - such as social networks, messaging apps, or any other app where a specific user can be targeted," the engineers added.
SEAR evaluated MIE and its components against six real-world exploit chains used in spyware over the last three years, and believes the new technology will "dramatically reduce an attacker's ability to exploit memory corruption vulnerabilities on our devices".
Other companies have worked on hardware memory safety, including Intel with its Memory Protection Extensions (MPX) technology that was introduced with the Skylake processors.
MPX was difficult to implement and caused major performance overhead, and was later marked as deprecated and unsupported in successive Intel processors.
Microsoft has also worked with several other vendors, such as Arm, on the Capability Hardware Enhanced RISC Instructions (CHERI) extensions, which enable fine-grained memory protections.