Categories: Market

“Cannot be patched”: Vulnerability discovered in Apple chips

class = “sc-cffd1e67-0 iQNQmc”>

1/5
There is a security vulnerability in Apple’s M1, M2 and M3 processors.
Tobias BolzernEditor Digital

Security vulnerabilities in processors are a disaster for manufacturers. In 2018, Specter and Meltdown vulnerabilities in Intel, AMD and ARM processors made headlines around the world. Billions of devices were at risk.

Now, a report on Apple processors by a team of researchers from several American universities is making people sit up and take notice. They discovered a critical vulnerability in M-series chips that allows attackers to obtain cryptographic keys. The vulnerability is called Gofetch. Apple uses M1, M2 and M3 processors in Macs and some iPads. This means potentially millions of devices are affected.

More information about vulnerabilities
IT specialist sounds the alarm
100,000 Internet provider routers unprotected on network
Attack on Blick reader
“They stole my WhatsApp account while I was sleeping”
IT security in Swiss SMEs
“The biggest weakness in information systems is people.”
Federal government warns of attack
One call is all it takes to hack your WhatsApp account
Security vulnerability detected
German hackers hacked Tesla and explained how

The most sensitive data is at risk

Mashable.com writes that, in principle, the vulnerability is present in all Apple computers released between the end of 2020 and today. The consequences of this are serious. Gofetch allows attackers to bypass encryption and access the user’s most sensitive data.

The discovered vulnerability is based on an optimization function of the chips called Data Memory Dependent Prefetcher (DMP). This aims to improve the performance of the chips by allowing DMP to predict what data will be needed in the near future and then load that data into the CPU cache. It was now possible to take full advantage of this prediction.

Who was affected?

Researchers have shown that they can read complex cryptographic keys for encryption with an effort of anywhere from 30 minutes to 14 hours. According to researchers, Apple was notified of this vulnerability on December 5, 2023.

So who exactly is affected by this gap? “This is primarily a problem for servers (with TLS) or organizations where users encrypt their information. “In principle, any organization using Apple processors and using encryption should be worried,” an IT expert explains to scmagazine.com.

Advert

Problem: In an email to specialist journal arstechnica.com, researchers explain that the fix is ​​not easy because the problem lies in the architecture of the chip. Additionally, security measures that can help resolve the issue will also affect the performance of M series chips.

Cheating can solve the problem

But there is also good news. On the one hand, a lot of technical know-how is required to exploit this vulnerability. On the other hand, techradar.com explains that in the case of Gofetch, the drop in performance only affects encryption functions, so this shouldn’t be a big problem for most users.

As Theregister.com explains, there may already be a temporary solution. According to the magazine, M chips have two types of cores: Firestorm and Icestorm. Gofetch only works with Firestorm. In particular, this means that if the encryption functions are ported to Icestorm, the problem will be solved. This also affects performance but not security. The relevant request from Blick to Apple is still pending.

Source :Blick

Share
Published by
Tim

Recent Posts

Terror suspect Chechen ‘hanged himself’ in Russian custody Egyptian President al-Sisi has been sworn in for a third term

On the same day of the terrorist attack on the Krokus City Hall in Moscow,…

1 year ago

Locals demand tourist tax for Tenerife: “Like a cancer consuming the island”

class="sc-cffd1e67-0 iQNQmc">1/4Residents of Tenerife have had enough of noisy and dirty tourists.It's too loud, the…

1 year ago

Agreement reached: this is how much Tuchel will receive for his departure from Bayern

class="sc-cffd1e67-0 iQNQmc">1/7Packing his things in Munich in the summer: Thomas Tuchel.After just over a year,…

1 year ago

Worst earthquake in 25 years in Taiwan +++ Number of deaths increased Is Russia running out of tanks? Now ‘Chinese coffins’ are used

At least seven people have been killed and 57 injured in severe earthquakes in the…

1 year ago

Now the moon should also have its own time (and its own clocks). These 11 photos and videos show just how intense the Taiwan earthquake was

The American space agency NASA would establish a uniform lunar time on behalf of the…

1 year ago

This is how the Swiss experienced the earthquake in Taiwan: “I saw a crack in the wall”

class="sc-cffd1e67-0 iQNQmc">1/8Bode Obwegeser was surprised by the earthquake while he was sleeping. “It was a…

1 year ago