@CodeColorist hey, thanks for it, but its frustrating to see a pwnie owner publishes a blogpost written by ai; and looks like he didn't read it carefully because there are some wrong conclusions which could have been corrected by any serious ios reverse engineer

@joinedserver I just took it down for more proofreading. Could you please tell me some examples on the wrong conclusions? Could be my wrong opinion or ignorance. Appreciate it!

@CodeColorist The article claimed MTE instructions are just in allocator libraries so won't appear in executables; which is wrong. Also it mentioned fbounds-safety is hard to detect on binary, but the emitted disassembly is distinguishable enough even for not-so-pedant reverser I believe.

@joinedserver MTE part is the official recommendation from developer doc for 3rd party apps. But yes, 3rd party apps could still use those instructions. In my implementation I skip dyld_shared_cache to not blow the output. I will correct that and thank you

@CodeColorist hmm I inferred the tool would be inspecting system apps, as well, ok.