A brief history of Mac enclaves andexclaves

by
Thom Holwerda
from OSnews on (#6NJCS)

Howard Oakley has written an interesting history of secure enclaves on the Mac, and when he touches upon exclaves", a new concept that doesn't have a proper term yet, he mentions something interesting.

While anenclaveis a territory entirely surrounded by the territory of another state, anexclaveis an isolated fragment of a state that exists separately from the main part of that state. Althoughexclaveisn't a term normally used in computing, macOS 14.4 introduced three kernel extensions concerned with exclaves. They seem to have appeared first in iOS 17, where they're thought to code domains isolated from the kernel that protect key functions in macOS even when the kernel becomes compromised. This in turn suggests that Apple is in the process of refactoring the kernel into a central micro-kernel with protected exclaves. This has yet to be examined in Sequoia.

Howard Oakley

I'm not going to add too much here since I'm not well-versed enough in the world of macOS to add anything meaningful, but I do think it's an interesting theory worth looking into by people who posses far more knowledge about this topic than I do.

External Content
Source RSS or Atom Feed
Feed Location http://www.osnews.com/files/recent.xml
Feed Title OSnews
Feed Link https://www.osnews.com/
Reply 0 comments