To be fair, they didn't claim it to be a meaningful attack deterrent. They said "success...in increasing exploitation complexity".
Sure, the whole sentence is a bit of a weird mess. Paraphrased: it made exploits more complex, so we concluded that we needed a combined SW/HW approach. What I read into that is that they're admitting PAC didn't work, so they needed to come up with a new approach and part of that approach was to accept that they couldn't do it using either SW or HW alone.
Then again... I don't know much about PAC, but to me it seems like it's a HW feature that requires SW changes to make use of it, so it's kind of HW+SW already. But that's a pointless quibble; EMTE employs a lot more coordination and covers a lot more surface, iiuc.
Making attackers work harder is still a worthwhile goal. No security is perfect.
Also, all of these security improvements are nearly-free assert()s which catch memory bugs.
> It hasn’t been a meaningful attack deterrent because attackers keep finding PAC bypasses.
Correction: it forces attackers to find PAC bypasses. They are not infinite.
Haha, just because there have been bypasses doesn't mean it hasn't been effective.
There have been multiple full-chain attacks since the introduction of PAC. It hasn’t been a meaningful attack deterrent because attackers keep finding PAC bypasses. This should give you pause as to how secure EMTE actually is.