Researchers have discovered a new unpatched security flaw that, if exploited by an attacker, can break the encryption on the best MacBooks
As reported by 9To5Mac, the recently discovered vulnerability affects all Macs running Apple silicon, including the company's M1, M2, and M3 chips. To make matters worse, the flaw exists in the architecture of these chips and cannot be fully fixed by Apple. Instead, a fix must be made before the iPhone maker releases the M4 chip later this year.
Like last year's iLeakage attack, this flaw is also a side-channel attack and, under the right circumstances, could allow an attacker to extract the keys used for end-to-end encryption. Fortunately, it takes a significant amount of time to exploit this vulnerability, which makes it quite difficult for an attacker to pull off.
Whether you have Apple's recently released MacBook Air M3 model or an older MacBook Pro with a 2020-era M1 chip, there are a few things you should know about this unpatchable security flaw. Here's what you need to know, along with some tips to protect yourself.
The new vulnerability was discovered by a team of seven academic researchers from universities across the United States and is detailed in a research paper (PDF) on microarchitectural side-channel attacks.
To show how this flaw could be exploited by attackers, they created an app called GoFetch. The app does not need any special privileges; it only requires the same user permissions used by most third-party Mac apps.
For those unfamiliar with Apple's M-series chips, they are all divided into clusters, each housing a core. If the GoFetch app and the cryptographic app being targeted by the attacker are running on the same performance cluster, GoFetch can gather enough information to leak secret keys.
It gets a little technical, so I recommend reading the Ars Technica report for a more in-depth look, but essentially, this unpatchable vulnerability is bad news for Apple, though it will not have nearly the same impact as the Meltdown and Spectre flaws had for PC users.
Since the flaw exists in Apple's chip itself and not in the software, it cannot be patched; the iPhone maker would have to release a brand new chip to fully fix this flaw.
Because it is an unpatchable vulnerability, the researchers who discovered it suggest that the best thing Apple can do is to implement workarounds to address it in its M1, M2, and M3 chips.
These workarounds are on the software side: cryptographic software developers can add masks to sensitive values, such as those used in encryption keys, before they are stored in memory and remove them after they are loaded from memory (a technique known as ciphertext blinding). However, ciphertext blinding is not a universal fix and cannot be applied to every sensitive value.
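To illustrate the mask-then-unmask pattern the article describes, here is an added example (not code from the article or from the GoFetch researchers, whose mitigations are more involved): a secret is only ever stored XOR-masked with a random mask and is unmasked into a short-lived buffer while it is in use. The mask is supplied by the caller here so the round trip is reproducible; in real code it would come from a CSPRNG.

```c
/* Added example: a minimal "ciphertext blinding" pattern. The secret never
 * rests in memory in the clear; it is stored XOR-masked and unmasked only
 * into a short-lived buffer while it is being used. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define SECRET_LEN 32

/* Secret at rest: only the masked bytes and the mask are stored. */
typedef struct {
    uint8_t masked[SECRET_LEN];
    uint8_t mask[SECRET_LEN];
} blinded_secret_t;

/* Overwrite a buffer; 'volatile' keeps the compiler from dropping the loop. */
static void wipe(void *p, size_t n) {
    volatile uint8_t *v = (volatile uint8_t *)p;
    while (n--) *v++ = 0;
}

/* Store 'secret' in blinded form using the caller-supplied 'mask'
   (assumed here to be random; e.g. from arc4random_buf in practice).
   The clear secret is wiped from the caller's buffer afterwards. */
void blind_store(uint8_t secret[SECRET_LEN], const uint8_t mask[SECRET_LEN],
                 blinded_secret_t *out) {
    for (size_t i = 0; i < SECRET_LEN; i++) {
        out->mask[i] = mask[i];
        out->masked[i] = secret[i] ^ mask[i];
    }
    wipe(secret, SECRET_LEN);
}

/* Recover the clear secret into a caller buffer for immediate use. */
void blind_load(const blinded_secret_t *b, uint8_t out[SECRET_LEN]) {
    for (size_t i = 0; i < SECRET_LEN; i++)
        out[i] = b->masked[i] ^ b->mask[i];
}

/* Round-trip check: returns 1 if the stored form differs from the key,
   the caller's clear copy was wiped, and unblinding restores the key. */
int blinding_selftest(void) {
    uint8_t mask[SECRET_LEN], secret[SECRET_LEN], orig[SECRET_LEN], back[SECRET_LEN];
    for (size_t i = 0; i < SECRET_LEN; i++) {
        secret[i] = orig[i] = (uint8_t)(0x10 + i);   /* constructed sample key */
        mask[i] = (uint8_t)(0xA5 ^ (i * 7));          /* constructed sample mask */
    }
    blinded_secret_t b;
    blind_store(secret, mask, &b);
    int hidden = memcmp(b.masked, orig, SECRET_LEN) != 0;
    int wiped  = secret[0] == 0 && secret[SECRET_LEN - 1] == 0;
    blind_load(&b, back);
    int same = memcmp(back, orig, SECRET_LEN) == 0;
    wipe(back, SECRET_LEN);  /* the clear copy lives only as long as needed */
    return hidden && wiped && same;
}
```

Note that the mask itself still sits in memory, so this only changes what an observer of the stored bytes sees; it is the basic idea behind the workaround, not a complete defense on its own.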
The big problem here, however, is that implementing something like this would seriously hurt performance. Thankfully, it is not that easy to exploit this vulnerability.
In order for hackers to exploit this unpatchable vulnerability, they must first trick unsuspecting Mac users into installing a malicious app on their computers. Since Apple blocks unsigned apps by default in macOS, it is much more difficult to install the malicious app needed for a successful attack.
From there, the attack would take a long time to execute. In fact, in the researchers' tests, it took anywhere from nearly an hour to 10 hours, during which time the malicious app would need to run continuously.
Nothing has yet been announced by Apple regarding this unpatchable vulnerability, but we will update this article as soon as there is news. Until then, the researchers recommend keeping all software on Macs with Apple silicon up to date and installing updates from Apple as soon as they become available.