A new security vulnerability has been discovered in Apple's Mac and sex co noi dungMacBook computers – and the worst part is that it's unpatchable.
Academic researchers discoveredthe vulnerability, first reported by Ars Technica, which allows hackers to gain access to secret encryption keys on Apple computers with Apple's new Silicon M-Series chipset. This includes the M1, M2, and M3 Apple MacBook and Mac computer models.
SEE ALSO: Bing vulnerability made it possible to alter search resultsBasically, this vulnerability can be found in any new Apple computer released from late 2020 to today.
The issue lies with prefetchers— components meant to predictively retrieve data before a request to increase processing speed — and the opening they leave for malicious attacks from bad actors.
The researchers have dubbed the attack "GoFetch," which they describe as "a microarchitectural side-channel attack that can extract secret keys from constant-time cryptographic implementations via data memory-dependent prefetchers (DMPs)."
A side-channel attack is a type of cyber attack that uses extra information that's left vulnerable due to the design of a computer protocol or algorithm.
The researchers explained the issue in an email to Ars Technica:
Prefetchers usually look at addresses of accessed data (ignoring values of accessed data) and try to guess future addresses that might be useful. The DMP is different in this sense as in addition to addresses it also uses the data values in order to make predictions (predict addresses to go to and prefetch). In particular, if a data value "looks like" a pointer, it will be treated as an "address" (where in fact it's actually not!) and the data from this "address" will be brought to the cache. The arrival of this address into the cache is visible, leaking over cache side channels.
Our attack exploits this fact. We cannot leak encryption keys directly, but what we can do is manipulate intermediate data inside the encryption algorithm to look like a pointer via a chosen input attack. The DMP then sees that the data value "looks like" an address, and brings the data from this "address" into the cache, which leaks the "address." We don’t care about the data value being prefetched, but the fact that the intermediate data looked like an address is visible via a cache channel and is sufficient to reveal the secret key over time.
Basically, the researchers discovered that the DMPs in Apple's Silicon chipsets – M1, M2 and, M3 – can give hackers access to sensitive information, like secret encryption keys. The DMPs can be weaponized to get around security found in cryptography apps, and they can do so quickly too. For example, the researchers were able to extract an 2048-bit RSA key in under one hour.
Usually, when a security flaw is discovered nowadays, a company can patch the issue with a software fix. However, the researchers say this one is unpatchable because the issue lies with the "microarchitectural" design of the chip. Furthermore, security measures taken to help mitigate the issue would require a serious degradation of the M-series chips' performance.
Researchers saythat they first brought their findings to Apple's attention on December 5, 2023. They waited 107 days before disclosing their research to the public.
Topics Apple Cybersecurity MacBook
WCBT’s ‘Oldies Five
Ideology Ruled Her Camera
Burn Down the House
Best early Prime Day deal: Save 40% on the Ember Mug at Amazon
Mind Music Founders NFTs Collection Receives Rave Reviews
Project Ludicrous
Best Amazon TV deals: More on sale ahead of Prime Day than usual
Best budget gaming monitor deal: Samsung 27
‘Hold These Truths’ Ends This Weekend at Coachella Valley Rep
How CPUs are Designed, Part 4: Where is Computer Architecture and Design Headed?
From Sulu to Spock
Best budget gaming monitor deal: Samsung 27
I took the solar eclipse flight. Here's my journey at 30,000 feet.
Stunning video reveals Jupiter's roiling auroras. See it now.
Bashoswap Expands to Mikomedia Testnet and $BASH Token Sale
Probably Oblivion
New York Groove
Bill Nye is only taking selfies with climate
Covesting April Review: Profitable Trading Strategies and 5,000% ROI
Which iPad Model Should You Get?
M3 MacBook Air vs. M3 MacBook Pro: Which Mac is best for you?Google is rolling out 'AITerrify Your Tablet Day 2024: Our favorite deals on thriller novelsIRS Direct File expands to new states, tax situationsIRS Direct File expands to new states, tax situationsSame as the Old BossWordle today: The answer and hints for October 6NRL Grand Final 2024 livestream: How to watch NRL for freeWordle today: The answer and hints for October 5Best early October Prime Day 2 Dog is super concerned when his buddy fakes being dead Hilary Duff's new tattoo, by any other name, would still smell as sweet The second presidential debate, told through Hillary Clinton's faces Here's what happens if Donald Trump raises Bill Clinton's sexual misconduct at the debate Man arrested for allegedly playing porn on a public billboard he 'hacked' Pebble 2's heart rate sensor makes it an attractive fitness tracker smartwatch This Donald Trump animal comparison will make you feel a bit sick A momentous day as the last Australian Rudy Giuliani stumped when attempting to defend Donald Trump on 'Meet The Press' Donald Trump accuses Hillary Clinton of having 'tremendous hate in her heart'
0.1912s , 8169.984375 kb
Copyright © 2025 Powered by 【sex co noi dung】Vulnerability found in Apple's Silicon M,Feature Flash
