Two Paths to Memory Safety: CHERI and OMA

https://ednutting.com/2025/10/05/cheri-vs-oma.html
22•yvdriess•5h ago

Comments

yvdriess•3h ago
Related discussions:

- CHERI with a Linux on Top https://news.ycombinator.com/item?id=45487629

- Why not object capability languages? https://news.ycombinator.com/item?id=43956095

- Ask HN: Why isn't capability-based security more common? https://news.ycombinator.com/item?id=45261574

pjmlp•2h ago
Three paths, SPARC Application Data Integrity (ADI)

https://docs.oracle.com/en/operating-systems/solaris/oracle-...

Although I do concede, most folks aren't keen on picking up anything related to Oracle or Solaris nowadays.

EdNutting•2h ago
I haven't come across this specific feature before. From reading about it, it seems closely related to Arm (E)MTE ISA extensions - Memory Tagging Extension?

What's interesting is that approach (software-defined 'random' numbers to associate memory regions and valid pointers) provides only probabilistic memory safety. A malicious actor may find a way to spoof/guess the tag needed to access a particular piece of memory. Given Arm MTE has been breached in the last year, it's hard to argue that it's a good enough security guarantee. EMTE may fix issues (e.g. side-channels) but leaves open the probabilistic pathway (i.e. "guess the tag") which is a hole MTE isn't designed to try to close (so, a software breach on top of a chip with EMTE can't necessarily be argued to be a violation of the hardware's security properties, though it may exploit the architectural security hole).

In contrast, CHERI and OMA (Object Memory Architecture) are both providing hardware-enforced guarantees of memory safety properties - unbreakable even if the attacker has perfect knowledge - backed up by formal proofs of these claims.

CHERI offers referential and spatial safety as hardware guarantees, with temporal being achievable in software. OMA offers referential, spatial and temporal safety as hardware guarantees.

pjmlp•1h ago
Kind of, with the difference that it has been in production since 2015 on Solaris SPARC systems, granted they aren't as widespread as they once were.

Sometimes the perfect is the enemy of the good, none of the memory tagging solutions has achieved mainstream widespread adoption outside iDevices.

Google apparently doesn't want to anger Android OEMs demanding it to be required by Android, thus it remains a Pixel only feature.

CHERI and OMA are still going to take years for mainstream adoption, if it ever comes to it.

I had hopes for whatever Microsoft was doing in CHERIoT to eventually come to Windows in some fashion, but the best that has happened seems to be the adoption of Pluton in CoPilot+ PC, which anyway serves a different purpose.

rubymamis•1h ago
Can you please provide sources about Arm EMTE being breached? I couldn’t find any information online.

mlinksva•18m ago
There doesn't seem to be much info about OMA available online. Your thesis linked from https://www.bristol.ac.uk/research/groups/trustworthy-system... which is linked from your home page/timeline is a broken link. Perhaps https://dl.acm.org/doi/fullHtml/10.1145/3450147 is the best in depth info available currently? Looking forward to future developments and success!

VyseofArcadia•1h ago
Could we also consider just not connecting critical systems to the internet at large? No reason, for example, for the Jaguar assembly line to depend on an internet connection.

EdNutting•1h ago
I suppose we could all do what Asahi have been forced to do and go back to using pens, paper and fax machines: https://www.bbc.co.uk/news/articles/cly64g5y744o

like_any_other•31m ago
Malware can hop through airgaps on USB keys, so that's not enough: https://en.wikipedia.org/wiki/Stuxnet

wbl•1m ago
How else do you expect to move the information around between sites and use it?

pizlonator•1h ago
Unlikely that new HW will be the solution.

You can have a memory safe Linux userland today in stock hardware. https://fil-c.org/pizlix

Findecanor•35m ago
Fil-C is basically CHERI in software, with large speed and memory overhead.

actionfromafar•24m ago
But seemingly on track to move from "large" to "significant" speed and memory overhead. It is already really useful especially for running tests in pipelines.
