Pierre H. 🔥🌸

@bjhomer The kind of love we pour in the line of business I’m in doesn’t belong in release notes. That would completely defeat the anxious bindiffing and slow incremental discovery of which techniques died, which survived and which are on the chopping block.

We're hosting an event focused on security on March 5. We're going to present the technologies that we use to make iOS the most secure platform in the world. Sessions are led by Apple engineers working directly on platform security and security tools. developer.apple.com/events/view/D4…

We're very honored to have Ivan Krstić (@radian) for our opening keynote. Don't miss that!

We’re thrilled and honored to reveal our second keynote speaker: Ivan Krstić (@radian) Any guesses what he might talk about? 😉

Spreading love against memory corruption through the whole stack! From the software deep down the microarchitecture It has been an insane journey improving the security of millions of people 🔥 security.apple.com/blog/memory-in…

Another big step in system security.

I have often stated that well-implemented memory tagging will be a game changer for memory corruptions. And it seems that with the next iPhone it's finally here: security.apple.com/blog/memory-in…

Congrats to everyone at SEAR for this; this is a crazy announcement. security.apple.com/blog/memory-in…

Amazing work! I’m surprised to see Apple managed to get synchronous tag checking in production. I wouldn’t have bet on that given the performance constraints. Getting the sign off to get so much security-specific silicon is also a huge accomplishment.

🔺iPhone models announced today include Memory Integrity Enforcement, the culmination of an unprecedented design and engineering effort that we believe represents the most significant upgrade to memory safety in the history of consumer operating systems. security.apple.com/blog/memory-in…

🚨Le Kremlin à l'Assaut de la République : Une Étude révèle les manœuvres de déstabilisation de la France ➡Étude #Politoscope avec révélations cruciales sur l'affaiblissement du front républicain à l'approche du 2nd tour des #legislatives2024 nextcloud.iscpif.fr/index.php/s/eY…

🔺New on the Apple Security Research blog: introducing Private Cloud Compute! We believe this is the most advanced security architecture ever deployed for cloud AI compute at scale. security.apple.com/blog/private-c…

Are you excited to use the power of safe modern programming languages like Swift to make software more secure? My SPEAR team at Apple is hiring a Swift Software Engineer to do exactly that! jobs.apple.com/en-us/details/…

@AvimanyuRoy3 @mitchellh Sadness

First I optimized CPU, then memory, now I'm onto the renderers (Metal first). Scrolling Neovim now sustains ~175fps easily (vsync off of course). More room for improvement, but this is already best-in-class (I can't find a terminal at the moment that does better on macOS). The road to get here was long. To quote @thorstenball I've been "moving the chess pieces into place over the past few months." I'll write about it in a devlog, eventually. And, people will inevitably say "high fps doesn't matter for a terminal." And yeah, maybe, but what's the fun in that. My answer to "why" is "because I can!" (Disclaimer: I use the Japanese bible as a sort of stress test for certain IO tests. I'm not religious and there isn't meant to be any sort of hidden message in this.)

I'm hiring a manager! Kernel & System Security Engineering are responsible for security research, analysis, mitigation design and engineering of Apple's entire suite of operating systems. Remote candidates considered! DMs are open. jobs.apple.com/en-gb/details/…

With iOS 17.2 and macOS 14.2 now released, Contact Key Verification 🔐 is available for everybody to enable. Very proud of the work the team has done to ship this groundbreaking feature and advance the state of iMessage security! security.apple.com/blog/imessage-…

“It is much easier to consider genocide in the past tense rather than contend with it in the present. Legal scholars tend to sharpen their pens after the smell of death has dissipated and moral clarity is no longer urgent.”

OMG this is so real, I hurt myself laughing

I am proud to present you the pre-print of our paper on GWP-ASan. 5+ years of work by four companies, spanning Server, Desktop, and Mobile, running on billions of devices. Finding and fixing thousands of bugs and potential vulnerabilities. arxiv.org/abs/2311.09394

Reads better in the original German.