IMG-LOGO

‘Unpatchable’ flaw in Apple M-series chip may allow access to encrypted data

News Feed - 2024-03-22 05:03:04

Savannah Fortis13 minutes ago‘Unpatchable’ flaw in Apple M-series chip may allow access to encrypted dataA new unpatchable vulnerability in Apple"s M-series of chips was discovered which could potentially allow hackers access to extract secret keys and encrypted data from Macs.82 Total viewsListen to article 0:00NewsOwn this piece of crypto historyCollect this article as NFTJoin us on social networksNew findings from academics revealed a severe vulnerability in Apple’s M-series chips, which could potentially enable malevolent actors the ability to access confidential encryption keys from Mac devices. 


The report, published on March 21 by a group of researchers from multiple United States-based universities, identified the vulnerability as a side channel exploit, which allows hackers to illicitly obtain end-to-end encryption keys when Apple chips execute commonly used cryptographic protocols.


However, unlike conventional vulnerabilities that can be remedied through direct patches, this particular issue is deeply rooted in the microarchitectural design of the silicon itself, calling it “unpatchable.”


In order to properly address the flaw, third-party cryptographic software would need to be utilized and could severely hamper the performance of the Apple M-series chips, particularly the earlier iterations such as the M1 and M2 chips.


These findings highlight a major flaw and challenge for Apple’s hardware security infrastructure. If exploited, hackers could intercept and exploit memory access patterns to extract sensitive information such as encryption keys utilized by cryptographic applications.


Related:Apple co-founder wins against YouTube in Bitcoin scam lawsuit


The researchers labeled this type of hack a “GoFetch” exploit. The hack functions seamlessly within the user environment and requires only standard user privileges, similar to those needed by regular applications.


After the research surfaced users in online mac forums began to question whether or not there is now cause for major concern or necessary action regarding password keychains.


One user said they believed that Apple will mitigate the problem within their OS directly — if not, they will be “more worried.”A Mac user shares their concerns on the MacRumors website. Source: Seek3r on MacRumors


Another user said this flaw has been known to Apple for a while and pointed out that it could be why Apple’s M3 has “an added instruction to disable DMP.” The user said the previous research on the topic was called an “augury” and dates back to 2022. 


This finding comes as Apple finds itself in an extensive antitrust lawsuitwith the U.S. Department of Justice (DOJ), which claims its app store rules and “monopoly” illegally throttled competition and suffocated innovation.


The DOJ has also alleged that Apple severed access to competing digital wallets which provide a “wide variety of enhanced features,” while blocking developers from providing their own payment services to users.


Magazine:Why boomers ‘like’ AI pics on Facebook, mind-reading AI breakthrough: AI Eye# Apple# Business# Hackers# HacksAdd reactionAdd reactionRead moreJudge greenlights class suit alleging Silvergate Bank aided FTX fraudGBTC outflows top $358M, but one theory suggests it’s almost overAutomation app IFTTT blamed for recent ‘$Packy’ token scam on X