Bruh

infinite money glitch

What is rce?

@@TheVirtualArena24 remote code execution/exploit

Really Cheap Explaination

@@TheVirtualArena24 Let's be fair, if you're watching this channel, you should be familiar with the term...

However they don't provide read only boot disk. Unless you're using Cloud Run or Lambda. Also the confidential computing architecture is a little bit different to ARM. You can check out GCP or AWS documentation.

Azure also has confidential compute, but yes confidential compute on arm is a bit better(mainly becasue its newer so expect x86 to catch up)

@@cooolkie wait they dont or at least they provide ephermeral boot disks(boot disks that gets created fresh on every boot from image aka no data saved on boot disk is kept after shutdown)

@@bigpod They do allow you create a new machine from a fresh boot disk. It's like they copied OS image(Ubuntu, Amazon Linux etc..) to a disk. And boot up system with this disk. However they're still writable. The disk won't be deleted when you shutdown the VM. But you can choose not to keep this disk when you delete or terminate the machine.

@cooolkie interesting on azure you have ephemeral boot disk option where boot disk is created at boot based on image and only data on additional mounted drives stays but any data on boot disk is gone on shutdown

I'm sure the NSA would be more intrested or China

Make that 20

Read Pegasus, a spy in your pocket, saudi princes will pay a billion

Why? They can come to ARM/Apple and "kindly request" secret modifications to give them access. And until someone finds out, you will be none the wiser.

Kim would offert you a North Korean citizenship with a diplomatic passport for it. ;)

exactly.. a few years from now we'll discover a 'bug' in the realm implementation that for some reason bypasses all security when a certain io is performed with a certain register value such a strange weird bug that nobody can explain how it got there

the new Intel chips have "dummy structural support chips"... sure - or just a hardware backdoor

I can't imagine how can it be verifiably private in this case. I haven't found out any high level description on how it works, but I can imagine one way: CPU is manufactured by different company and contains HW key that can subscribe attestation requests. That way you can actually verify that software runs on correct hardware in right environment but you need to trust CPU manufacturer not to leak this key anywhere. In case of apple they control both cloud and CPU production. So if you don't trust Apple all this things seems useless even being open source. If someone dug deeper it would be interesting to learn how it works.

​@@ninele7 I think the only way to truly do this securely without some level of trust is with homomorphic encryption. But that adds tons of overhead which this doesn't seem to be.

So what you're saying is that you have no idea how any of this works.

"new"?

@@Veptis you’re correct. It’s absurdly low. State level actors would pay upwards of 10 mil on the grey market for a zero day like this.

And it's 'maximum' too with minimum not mentioned.

sell it to both 😁

way low for a zero day that would break their compute encryption

Kind of an interesting forcing function. If you find something, you could hold onto it and try sell on the black market, but someone else might find it and hand it to apple first.

Is this true? It was sus already with the "maximum bounty" meaning actual bounty is likely 0...

make apple ID or get 50k. Real hard decision

@@nommy8599 it is in their best interest to pay the people bruh. If they don't then no one will come to them with bugs

​@@nommy8599 these companies do pay a lot of money to people finding security issues How much always depends on the severity, but definitely not even close to 0

Or sell it on the black market for twice and get put in jail when it's used

Source available is useless if we can't verifiable prove that the hardware runs that code, something that currently isn't possible for a cloud instance

Yeah because fixing hardware-level bug that's burned into the silicone isn't as easy as patching code, if a future exploit due to hw bug I think the manufacturer should issue a recall especially if they advertise and charge premium for the feature

Wrongly worded! I don’t trust any of them, but distrust Apple the least. 😜

Yeah looking at license file you can't do much with the code other use it security analysis, definitely source available not open source. I'm glad Apple used better terminology at least.

I agree, but the point of this video isn't "Apple goes Open Source".

“Source Available” would be the correct term in this case

@@maboesanman "Limited Source Available” would be the correct term in this case.

What your actually referring to be GNU/Source Available

i had some long explanation in here but it got too tangled, so here's the short version: The answer to the first question is no, but the the answer to the second question is "also no, unless you're running a suspicious OS which allows it to do that"

I believe so, they are using M3 Macs for their private cloud computing.

@@josephlabs It could also work as a purely software emulator. If that's the case, it just runs significantly slower than the real thing. But if you're a security researcher, that isn't really a problem.

Yeah, it doesn't seem to be based on that at all. So this thing is about as secure as any other cloud offering, seeing as it's physically impossible to verify what hardware/software Apple is running from over the Internet. I bet someone will find a timing attack or something and claim the $1M.

Then find exploits but keep them to yourself until the timing is right...or negotiate for a higher price (but then, they have the upper hand because we're not at release stage).

@@doingwell5629 You are such a downer..

It's a trade-off of whether you think someone else won't find your 0Day before they go live.

I think inviting people into the process is definitely a step in the right direction & hopefully we will see more of this

Which they would probably modify whenever they feel like it.

The reason anti cheat fails isn't due to not having enough complicated software locks, it's entirely due to the hardware that has been compromised by the user themselves.

any attempt to ship hardware locked compute onto your personal computer should be smacked down IMMEDIATELY. microsoft has been trying to ship that for literal DECADES so they can enforce DRM. Encountering a wallhacker in counterstrike every once in a while is a small price to pay for having full control over the compute happening on MY machine in MY home.

Meh, I would take the fappening 2 over the 10k or whatever bs real world payment they would pay out.

If they're paid the 'maximum'... I have no doubt a large corporation will jump at the opportunity to give money away when they don't have to... This seems more like a half arsed publicity stunt. Others here have pointed out such Apple vulnerabilities sell for more elsewhere too. If they were serious they could offer at least as much and not be ambiguous about the reward amount.

Feeding by the spoon...

@Katchi_ It's just common practice to share the link. Reading directly from source publication is not spoon feeding

hence why it's snadboxed i would assume

Vim*

And a worser possibility could very well happen when you hit the limit. I am not about to find out. Don't we see all the criminals out there? Some likes breaking stuff but not so many of them, sometimes I did wonder why they still did what they did, perhaps grudge or smthg idk.

Believe what you do believe sir. 😊

> get in Jail with $0

this is pre-release, so keeping any zero-day info would be a gamble, since someone else can discover the same zero-day and give Apple a heads-up. You're basically playing prisoner's dilemma except you don't know how many prisoners are there, and it's enough for only one to "defect", aka, sell the 0-day info, to spoil the game for everyone

yes, thats how a black marked works. Offer more, than the legal competitors.

In certain cases yes. It makes it an easier sell for other entities that have what they perceive to be "really super secret highly valuable technical trade secrets implemented into code" to use and rely on cloud computing. In particular, smaller corporations are hesitant to rely on the "trust me bro" legal guarantees that Apple and other big corps provide because they know they literally don't have the resources necessary to actually ENFORCE that agreement against the big gorillas. Having a method to run your software without even the running host being able to freely ease-drop on your process memory would largely mitigate that hesitation.... for a price obviously. Couple that with the fact that quite a few moves to the cloud are not the decision of the low level devs, but CTOs and other higher level management who have varying levels of technical background who are just SOLD on the dream problem of 10X growth overnight and being able to handle that scale. Most companies don't have growth patterns that look even remotely like that, even fewer actually need to support it on a recurring basis to make the extra cost and complexity of cloud solutions worth the hassle. Most small companies would perform just fine with modular monoliths and set maintenance and upgrade schedules with a bi-annual review. This turned a bit more into a rant than I initially intended, but TLDR, there are companies that want to use the cloud, but are hesitant because they are worried the cloud provider might snoop on their stuff or enable some third-party to snoop on their stuff.

@@cdkw2 I see it (on mobile)

@@aliengarden ik ik I just thought it looked funny lol

Mhmm, Ikinda agree. However you really do need to watch what you type. I know you are quite intelligent but sometimes pretending to be ignorant and dumb goes a long way. >_

Not sure what individuals being hacked due to their own poor security practices has to do with anything, might as well claim that Nokia phones are unsafe because your nana gave out her bank details to a scammer while using one

@CheeksMcClappinn But Nokia phones are resilient, that can't be. When making a comparison always be careful of exploits. When you compare Apple with Nokia, what you are implying is no longer related neither software, hardware or by accident. Nokia are incredibly resilient in a different way, same as Apple which is equally resilient. In this comparison you made you are assuming 1. Apple should merge with Nokia. 2. Apple product are equally impressive as Nokia product. 3. Apple can get hacked the same way as Nokia gets hacked. 4. Apple has the same software, hardware as to Nokia and if Apple gets hacked that way there is a chance Nokia can completely prevent that from happening. 5. By free speech standard, you just told everyone including Apple that Nokia is making fun of Apple, by using the company name in your sentence for this event.

@@Furry_Lord you wrote all that to refute something which was used as an example of something that you wouldn't say Are you on the spectrum?

@CheeksMcClappinn Beep beep beepbeeep. I dont understand. beeep.

Yes. The alternative is very messy.

That would be very very cool

I like your attitude.