#memorytagging — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #memorytagging, aggregated by home.social.
-
In some regions exploits are very broadly deployed on the internet, to target people looking for political activism resources. And journalists, lawyers, and politicians are all regularly targeted by mercenary spyware as well.
The exploit chains used by mercenary spyware are also the same as the ones used by commercial spyware and data hacking kits, like Cellebrite and GrayKey. These tools are often in the hands of low-level law enforcement employees or even outside of government, and are regularly abused.
If these threats could cause you significant harm, this may well be a great reason to upgrade your phone.
https://www.jonaharagon.com/posts/memory-integrity-enforcement-changes-the-game-on-ios/
#MemoryIntegrityEnforcement #Apple #MTE #Security #Infosec #Cybersecurity #MemoryTagging #Article
-
We've added documentation for the hardware memory tagging implementation in hardened_malloc:
https://github.com/GrapheneOS/hardened_malloc?tab=readme-ov-file#memory-tagging
GrapheneOS on Pixel 8 / Pixel 8 Pro is the first platform using ARM MTE in production. Stock Pixel OS has it as a hidden development option requiring using ADB.
-
Pixel 8 providing hardware memory tagging support is a massive security advance for GrapheneOS. This hardware feature only helps if the OS uses it like GrapheneOS, and the security it provides entirely depends on how it's used. We have a great implementation in hardened_malloc.
#GrapheneOS #privacy #security #MemoryTagging #MTE #Pixel8 #Pixel8Pro
-
GrapheneOS now has hardware memory tagging support in our Stable channel. Memory tagging greatly improves protection against targeted attacks. Thanks to hardware support on the Pixel 8 and Pixel 8 Pro, it's extremely low overhead despite the massive benefits it's able to provide.
-
We've been making more progress on hardware memory tagging support for Pixel 8 and Pixel 8 Pro. Our initial hardened_malloc integration has no noticeable overhead in fastest asynchronous mode and the asymmetric mode is lower overhead than legacy mitigations like stack canaries.
-
Pixel 8 and Pixel 8 Pro are ARMv9 devices supporting hardware memory tagging. Stock OS currently has a very primitive experimental implementation available as a developer option. We're going to be deploying a more advanced implementation for hardened_malloc in production soon.
-
CW: arXiv review
D. Demicco et al., "Generic Tagging for RISC-V Binaries"¹
With the widespread popularity of RISC-V -- an open-source ISA -- custom hardware security solutions targeting specific defense needs are gaining popularity. These solutions often require specialized compilers that can insert metadata (called tags) into the generated binaries, and/or extend the RISC-V ISA with new instructions. Developing such compilers can be a tedious and time-consuming process. In this paper, we present COGENT, a generic instruction tag generator for RISC-V architecture. COGENT is capable of associating a tag of configurable and varying widths (1 to 20 bits) to each instruction. It is also capable of emitting labels that are central to the implementation of control-flow integrity (CFI) solutions. COGENT encodes all tags and labels as nop instructions thereby providing full backward compatibility.
We evaluate COGENT on a subset of programs from the SPEC CPU2017 benchmark suite and report the binary size increase to be 29.3% and 18.27% for the lowest and highest tag coverage levels respectively. Additionally, we executed tagged programs on COTS RISC-V unmodified hardware and found the execution time overhead (with respect to backward compatibility) to be 13.4% and 5.72% for the lowest and highest coverage levels respectively. Finally, using a case study, we present possible use case scenarios where COGENT can be applied.
#RISC-V #MemoryTagging #arXiv #ResearchPapers
__
¹ https://arxiv.org/abs/2212.05614
-
Future processors will bring functions for marking RAM address ranges in order to make attacks such as Return Oriented Programming (ROP) more difficult.
Intel plans memory tagging as malware protection
#CET #Control-flowEnforcementTechnology #MemoryTagging #PAC #PointerAuthenticationCode #ROP #ReturnOrientedProgramming #Sicherheit