Unpatchable Apple Silicon vulnerability could leak encryption keys

[Daniel Sims]

In brief: Hardware-based security flaws have become more frequent over the last several years but have mostly affected Intel and AMD processors. Now, Apple joins those ranks with a recently discovered vulnerability that causes Mac M-series CPUs to expose encryption keys. Since it is hardware-based, there is little users can do besides keeping macOS updated.

A recently published paper describes a flaw primarily affecting Apple Silicon that allows attackers to circumvent end-to-end encryption through a side-channel attack on the company's devices. Anyone developing encryption software for Macs likely needs to rethink their security procedures.

The security analysts confirmed the exploit, dubbed GoFetch, works on M1 CPUs and speculate that it likely also impacts M2 and M3 chips and their Pro and Max variants. Intel's 13th-generation Raptor Lake processors also exhibit the flaw that enables GoFetch but are probably unaffected.

The problem lies with the data memory-dependent prefetcher (DMP) – a CPU feature that improves performance by pulling pre-cached data based on predictions. Constant-time programming, which strictly controls the speed of a system's operations, would typically protect against side-channel attacks. Unfortunately, the DMP breaks the feature, hobbling a vital security layer.

The researchers told Ars Technica that GoFetch manipulates the DMP into leaking enough data into the cache over time for an attacker to determine an end-to-end encryption key. All that users can do to mitigate GoFetch is to keep their Macs updated. Cryptographic library developers have a few options, but they come with drawbacks.

The nuclear option would be to disable DMP entirely, but this only works on M3 processors and significantly impacts performance. Alternatively, developers could run encryption entirely on Icestorm cores – Apple's equivalent to Intel's efficiency cores – which don't run DMP, but this also incurs a sizable performance penalty. The same is true of another possible solution – input blinding.

Ultimately, limiting who can access a piece of hardware is the best solution. In the long term, software should gain the ability to control whether and how it uses DMP. The researchers notified Apple of the problem late last year, but the company has not publicly commented. The researchers plan to release the proof-of-concept code soon.

The situation recalls the substantial vulnerabilities that have affected numerous CPUs in recent years, such as Spectre, Meltdown, Zenbleed, and Downfall. Researchers previously discovered the PACMAN flaw in M1 CPUs and iLeakage, which can leak sensitive data from M-series and A-series chips – affecting macOS and iOS devices.

Permalink to story.

https://www.techspot.com/news/102371-unpatchable-apple-silicon-vulnerability-could-leak-encryption-keys.html

 

[opckieran]

I guess good battery life is all Apple has left.

Build quality isn’t there anymore.

Screens aren’t worlds better than other laptop makers’ anymore.

Integration with iOS and iCloud is nice, but I see the appeal of 3rd party OS agnostic messengers.

 

[daffy duck]

I guess good battery life is all Apple has left.

Build quality isn’t there anymore.

Screens aren’t worlds better than other laptop makers’ anymore.

Integration with iOS and iCloud is nice, but I see the appeal of 3rd party OS agnostic messengers.

Well how many of us develop encryption software for a living? At least it won't affect many people and I'm never going to patch my Macbook against this if they release one. But I agree, other than battery not much going for the Macs. Whatever you say about Windows, at least the x86 market has diversity and a billion options to choose from, and the majority are far better value.

 

[bviktor]

I guess good battery life is all Apple has left.

Build quality isn’t there anymore.

Screens aren’t worlds better than other laptop makers’ anymore.

Integration with iOS and iCloud is nice, but I see the appeal of 3rd party OS agnostic messengers.

Better battery life, better performance, less heat due to better efficiency, thus less noise, better price than comparable Dell options. They're better by any metric that's out there. We're in the middle of introducing Macbooks as company workstations precisely because of this. They're just too good to pass, even at the cost of having to support a new OS.

If you say Windows laptops are "better value", you don't do the math. The benchmarks are out there. Do your Excel sheets, draw the conclusions. I have. And it's crystal clear - Macbooks are _way_ better value, period.

Screens may not be "worlds" better, "only" simply better now I guess?

There's nothing wrong with build quality either.

And if you think other platforms don't have exploits like this popping up all the time, you're living under a rock. Here, enjoy:

- Intel Advisories
- AMD Advisories
- Dell Advisories

PS: calling something "unpatchable" is as clickbaity as it gets. There's no such thing.

 

[HardReset]

Better battery life, better performance, less heat due to better efficiency, thus less noise, better price than comparable Dell options. They're better by any metric that's out there. We're in the middle of introducing Macbooks as company workstations precisely because of this. They're just too good to pass, even at the cost of having to support a new OS.

If you say Windows laptops are "better value", you don't do the math. The benchmarks are out there. Do your Excel sheets, draw the conclusions. I have. And it's crystal clear - Macbooks are _way_ better value, period.

Screens may not be "worlds" better, "only" simply better now I guess?

There's nothing wrong with build quality either.

And if you think other platforms don't have exploits like this popping up all the time, you're living under a rock. Here, enjoy:

- Intel Advisories
- AMD Advisories
- Dell Advisories

PS: calling something "unpatchable" is as clickbaity as it gets. There's no such thing.

Wimdows laptop usually means one with Intel. Too bad, AMD based laptops are miles better CPU wise. When it comes to benchmarks, also AMD and Intel are introducing CPUs with integrated memory, thats's about only "advantage" Apple has (you are stuck with RAM machine comes with).

Unpatchable basically means there is no way to software fix it. As for security, most AMD and Intel security flaws are not indeed bugs. CPU works as it should work. However Operation Triangulation on Apple is something very different. Using CPU registers that should not even exist is not a flaw or bug, it's backdoor. Apple is way behind AMD and Intel on security.

 

[zamroni111]

Well how many of us develop encryption software for a living? At least it won't affect many people and I'm never going to patch my Macbook against this if they release one. But I agree, other than battery not much going for the Macs. Whatever you say about Windows, at least the x86 market has diversity and a billion options to choose from, and the majority are far better value.

what the article meant is encryption developers must find ways to on overcome that Mac's vulnerability.
that vulnerability is dangerous for all users of the vulnerable macs

 

[yukka]

It’s not good. But I don’t buy the opinion there’s no reason to buy macs anymore. But that’s why it’s an opinion and not a fact.

 

[ScottSoapbox]

Well how many of us develop encryption software for a living? At least it won't affect many people...

You either misread or misunderstood this article.

 

[PanGrns]

You either misread or misunderstood this article.

or says that for a purpose.

 

[captaincranky]

Wimdows laptop usually means one with Intel. Too bad, AMD based laptops are miles better CPU wise.

I was perusing this thread to see how long it would take someone to inject an AMD plug. You won, at post #5.

I do respect you for being equally fair to Intel and AMD both, with respect to security issues.

 

[captaincranky]

The researchers notified Apple of the problem late last year, but the company has not publicly commented.

Why should they have to? After all, "it just works", is pretty much Apple's corporate mantra.

 

[captaincranky]

Better battery life, better performance, less heat due to better efficiency, thus less noise, better price than comparable Dell options. They're better by any metric that's out there. We're in the middle of introducing Macbooks as company workstations precisely because of this. They're just too good to pass, even at the cost of having to support a new OS.

If you say Windows laptops are "better value", you don't do the math. The benchmarks are out there. Do your Excel sheets, draw the conclusions. I have. And it's crystal clear - Macbooks are _way_ better value, period.

Screens may not be "worlds" better, "only" simply better now I guess?

There's nothing wrong with build quality either

This much exuberance toward acquiring any given product, could lead the under educated, (such as myself), to suspect there might be a SPIF involved in the transaction.

 

[WhoCaresAnymore]

ALL Hardware has vulnerabilities, and it has always been addressed through BIOS and Software updates. Why is this even news.

 

[The Truth]

ALL Hardware has vulnerabilities, and it has always been addressed through BIOS and Software updates. Why is this even news.

Because Macs are perfect.

 

[yukka]

ALL Hardware has vulnerabilities, and it has always been addressed through BIOS and Software updates. Why is this even news.

Because encryption is used in loads of applications and this security flaw is hardware based, not software. It can’t be fixed with a patch. It can only be “fixed” by adapting the encryption software to avoid the flaw, which in turn will slow the process which in turn will slow the Mac, depending on your workload.

 

[Dreadcthulhu]

I wonder if this security flaw could be used to extract encryption keys used by various DRM methods, like Widevine. Would be interesting for anyone with a Mac to check.