alt Hacker NewsShipping MTE doesn’t refute my point.
MTE is an Arm architectural feature. Apple integrated it, fine. That’s engineering work. But the implementation in Apple silicon and the allocator integration are closed and non-auditable. We have blog posts and marketing language, not independently verifiable source or hardware transparency.
So yes, they deploy mitigations. That doesn’t negate the fact that the trust model is opaque.
Hardening a class of memory bugs is not the same thing as opening the platform to scrutiny. Users still cannot independently verify kernel integrity, inspect enforcement logic, or audit allocator behaviour. Disclosure and validation remain vendor-controlled.
You’re treating ‘we shipped a mitigation’ as proof against ‘the system is closed and PR-heavy.’ Those are different axes.
"Security by obscurity" does not mean "closed." It specifically means that obscurity is a critical part of the security. That is, if you ever let anyone actually see what was going on, the whole system would fall to pieces. That is not the case here.
If what you meant to say was "the system is closed and PR-heavy," I won't argue with that. But that's a very different statement.