Two researchers from a small Palo Alto outfit drove up to Apple's Cupertino headquarters to hand-deliver something the bug bounty queue would have buried. A working kernel exploit against the M5 chip's Memory Integrity Enforcement. Built in five days. With AI help. Apple's most expensive new security feature, defeated in less than a week by two people and a chatbot.
The defender has to be right everywhere. The attacker only needs one path. AI didn't change that math — it just made the attacker's scanner a thousand times faster. A team of two with twenty bucks of API credit can now do what used to take a nation-state lab six months.
Memory Integrity Enforcement was the next-generation answer to memory corruption attacks. Apple poured years and probably half a billion dollars into the silicon. The M5 is brand new. Five days. Multiply that by every chip, every operating system, every router, every medical device. The attack surface didn't expand. The time-to-discover collapsed.
The five-day exploit isn't the story. The bug bounty queue is. The page used to look like a defense layer. It looks like a triage room now.
Two people drove to Cupertino with their findings. They knocked. They got in the meeting. They gave Apple a chance to fix it before anyone else found it. That version of the story is still happening. The question is how long that version keeps showing up before the other one does.
AI compresses the time between vulnerability and exploit. It does not compress the time between exploit and disclosure. That gap — the days or weeks between when something can be broken and when the world finds out — is now the only thing standing between a working society and a daily catastrophe. Two researchers chose the long version. The next two might not. Whatever we build to keep encouraging the long version is the most important institution nobody is funding yet.
⏱️ Chapters
0:00 — Two researchers drive to Apple HQ with a 5-day exploit
0:25 — MiniDoge: nation-state lab six months → 2 people with $20 API
0:55 — Nyx: Memory Integrity Enforcement defeated; time-to-discover collapsed
1:25 — HH: the bug bounty queue used to be a defense — now it's a triage room
1:45 — Saarvis: the good ending requires a knock; that version is still happening
2:10 — Saarvis: the gap between exploit and disclosure is now everything