Toward trusted sensing for the cloud: Introducing Project Freta - Microsoft Research
The fact that sensor evasion is possible at all is surprising to many outsiders to the field of computer security. Anyone who’s visited a retail store understands that it’s a good idea to put the security cameras out of reach—why haven’t we done something similar in the cloud? The answer is a familiar one: backwards compatibility. Our first networked computers didn’t have the silicon real estate to devote to an isolated security sensor. Opportunities for technology companies to break backwards compatibility and “greenfield” redesign with security in mind have appeared only periodically, seen primarily in the mobile and console industries. These redesigns have allowed for increasing hardware separation between the compute plane and the security plane
Apple changing Macs to Apple silicon presents a similar opportunity to break backwards compatibility and redesign the security architecture. They kind of tried it with the T2 co-processor, but the complete transition may lead to a something more. How the isolation (lock-down) in macOS has been progressing up to Catalina might have also been in preparation for this, and Big Sur might be closer to iOS in more ways than the UI. I look forward to all the analyses that might come out from Objective-See.
I suppose some people get annoyed at the degree of lock-down Apple has been introducing. Personally, I've locked down my Linux instances even more. I just don't have the expertise and time to figure out how to lock it down without impairing the user experience too much, and I am glad Apple has been at it all this time.
Top comments (0)