by Dan Moren
Apple’s M-series processors have a cryptographic flaw
Ars Technica’s Dan Goodin has an excellent (if technical) rundown of a recently unearthed security vulnerability in Apple’s M-series processors. Basically there’s a system that tries to predict what memory addresses are going to be used in order to speed up processing, but Apple’s version can accidentally leak data:
The attack, which the researchers have named GoFetch, uses an application that doesn’t require root access, only the same user privileges needed by most third-party applications installed on a macOS system. M-series chips are divided into what are known as clusters. The M1, for example, has two clusters: one containing four efficiency cores and the other four performance cores. As long as the GoFetch app and the targeted cryptography app are running on the same performance cluster—even when on separate cores within that cluster—GoFetch can mine enough secrets to leak a secret key.
This particularly affects M1 and M2 series chips, with the M3 providing an option to disable the predictive system—albeit likely with a performance hit during cryptographic operations. Because the system is implemented in hardware, it can’t be patched by Apple—rather, apps that are performing cryptography would have to add additional layers of security in order to protect against it.
While the researchers only demonstrated the flaw on four different encryption algorithms, that’s enough to suggest that other cryptography is likely affected as well.
Ultimately, it may be up to Apple to mitigate this functionality for its M1 and M2 chips in software, though the company has not yet publicly commented on the flaw.