Microsoftsaid Wednesday it will include pay ranges in all of its U.S. job listings, a move that likely foreshadows a range of big corporations following suit, experts say, as competition for talent remains high.
Microsoft's blog post also said it was removing noncompete clauses from its U.S. employee agreements, and will not enforce existing clauses in the U.S., with the exception of executives in senior leadership roles, as well making some changes to its separation agreements.
In a proof of concept, the researchers demonstrated that the attack even works against the kernel — the software core of a device's operating system — which has massive implications for future security work on all ARM systems with pointer authentication enabled, says Joseph Ravichandran, a PhD student at MIT CSAIL and co-lead author of the research paper.
Apple has implemented pointer authentication on all of its custom ARM-based silicon so far, including the M1, M1 Pro and M1 Max, and a number of other chip manufacturers, including Qualcomm and Samsung, have either announced or are expected to ship new processors supporting the hardware-level security feature. MIT said it has not yet tested the attack on Apple's unreleased M2 chip, which also supports pointer authentication.
In May last year, a developer discovered an unfixable flaw in Apple's M1 chip that creates a covert channel that two or more already installed malicious apps could use to transmit information to each other. But the bug was ultimately deemed harmless as malware can't use it to steal or interfere with data that's on a Mac.
