Security from the ground up
Apple’s Tim Cook has decided to replace Intel processors for all Macs and Macbooks with ARM-based processors. Apple blames Intel for its lack in security.
Tim Cook seems to have decided to switch processor architectures for all Macs, Macbooks and such. The reasoning for the replacement seems to be the lack of security in Intel processors. While we agree that the x86-64 processor architecture is not exactly a poster child for security, we believe that ARM is even worse. Let us discuss some technical reasons. Branch target injection attacks, such as Meltdown and Spectre, affect ARM processors as well, and the sheer size of the ARM instruction set, depending on the mode and the model, is so large that ambiguities arise not only for programmers but also for the compilers and linkers. Ambiguity (i.e. the lack of determinism) is one of the biggest enemies of security.
The desire to unify Mac OS X and IOS is understandable, but OS X is built on FreeBSD with a small and elegant microkernel, whereas IOS is built on Linux, a very large monolithic and homogeneous kernel. A change to RISC-V would have made a lot more sense for both the desktop and laptop line and for the IOS devices, which then could have deployed a modern FreeBSD (Mach) kernel. It’s hard to believe that Apple’s internally developed, ARM-based processors would be inherently more secure as they simply are not.
We can foresee that the switch will be detrimental as the performance of the A-processor line within Apple is, by far, not good enough to power desktops and laptops. It might hasten the demise of the laptop and desktop computer lines at Apple. However, it seems that performance has not been a top priority at Apple for a while, as most laptops and desktops have been lagging the competition by quite a large margin for a while. Apple has had its own security problems with cleartext being snoopable on Thunderbolt at startup, and more general, issues with security of the boot code itself. Apple might think it can save itself some money by not having to buy processors from Intel, but bringing up security as an excuse is not the right justification.