Apple chip issues: What devices might be affected

0

Apple’s M1 chips have a hardware vulnerability that could allow attackers to get through the last line of security.

Thus, according to MIT researchers, a security issue with Apple M1 chips exists, which a software patch cannot solve. Apple has developed its chips, which are very powerful and energy efficient, but, like those produced by Intel, AMD and others, they are not exempt from vulnerabilities that can facilitate hacker attacks.

For reference, the problem discovered by MIT researchers lies in the PAC (pointer authentication codes) component, a security mechanism designed to prevent code from being injected into the device’s memory.

What’s wrong with Apple?

According to TechCrunch, they have created a type of attack that combines speculative execution and memory corruption to trick the PAC mechanism and compromise device security without leaving a trace. Unfortunately, because it is a hardware vulnerability, it can’t be resolved with a software update.

Therefore, a change in the design of future generations of chips is needed so that they do not continue to have the same security problem.

Worse, the PAC mechanism, which Apple is already using on its chips, is to be implemented by other manufacturers, including Qualcomm and Samsung. This means that many other devices and Apple could become susceptible to the same problem.

“The idea behind pointer authentication is that if all else has failed, you still can rely on it to prevent attackers from gaining control of your system,” Ravichandran added. “We’ve shown that pointer authentication as a last line of defense isn’t as absolute as we once thought it was.”

In May last year, a developer discovered an irreparable bug in Apple’s M1 chip, which creates a hidden channel that two or more malicious applications already installed could use to transmit information between them. But the bug was ultimately considered “harmless” because the malware cannot use to steal or interfere with data on a Mac.

Go to the source link

Leave A Reply

Your email address will not be published.