Security Vulnerability Found in Apple M Chips

Apple continues its long journey with Intel with M1 model brought to an end together, making Mac and Macbook models faster than ever. Moreover, it achieved this by using less resources. Currently also with M3 chips The company, which continues to make jaws drop, is on the agenda with an unfortunate issue.

According to a study by academic researchers on M chips -which includes both M1, M2 and M3 models- cyber attackers, encryption key There is a security vulnerability that allows it to access the verification keys we mentioned. This includes all Mac devices released since 2020.

So what does this mean?

Predictively optimizes order processing time and therefore memory speed prefetcher components are the main source of the problem. Researchers have already mentioned the vulnerability and the attack style as “GoFetch” he named it. In this attack, keys are extracted from fixed-time encryption applications through prefetchers. Since the attack develops thanks to data-based prefetchers, it is described as a side channel attack. The difference between data-based ones is that in addition to the addresses that plain prefetchers take into account to make predictions. data values to see as well.

To clear up the confusion, these data-based ones to sensitive information Let’s say that it makes access possible. One of the most sensitive information is encryption keys. The heart would like to say “Apple should make an update and let it be resolved.” But researchers say that the problem lies in the microarchitectural structure of the M chip, which is why it cannot be updated. As if this were not enough, methods to ensure security also include M chips. will be detrimental to performance It is said.

Researchers brought the issue to Apple at the beginning of last December, but after 107 days, the issue was made public. Therefore, it is stated that cryptographic application developers, in particular, should take stricter security measures to ensure security.