Path: ...!weretis.net!feeder8.news.weretis.net!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: Jolly Roger <jollyroger@pobox.com>
Newsgroups: misc.phone.mobile.iphone
Subject: Re: unpatchable security flaw
Date: 23 Mar 2024 16:35:04 GMT
Organization: People for the Ethical Treatment of Pirates
Lines: 59
Message-ID: <l68eloFneumU1@mid.individual.net>
References: <utmgpl$1nj9t$1@solani.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Trace: individual.net /9dMEiE0+P4j1azRD7jzCgxa2ECL/nbwk9k9aW6lN9Eby2NOSL
Cancel-Lock: sha1:vVfmLsL0QpSAcOPVtVKylpH6an0= sha256:YHKOKdoxhYSujD09c0mfcGPkc47m4uDvBcVwcvSiDUU=
Mail-Copies-To: nobody
X-Face: _.g>n!a$f3/H3jA]>9pN55*5<`}Tud57>1<n@LQ!aZ7vLO_nWbK~@T'XIS0,oAJcU.qLM
 dk/j8Udo?O"o9B9Jyx+ez2:B<nx(k3EdHnTvB]'eoVaR495,Rv~/vPa[e^JI+^h5Zk*i`Q;ezqDW<
 ZFs6kmAJWZjOH\8[$$7jm,Ogw3C_%QM'|H6nygNGhhl+@}n30Nz(^vWo@h>Y%b|b-Y~()~\t,LZ3e
 up1/bO{=-)
User-Agent: slrn/1.0.3 (Darwin)
Bytes: 3902

On 2024-03-23, badgolferman <REMOVETHISbadgolferman@gmail.com> wrote:
>
> A new security vulnerability has been discovered in Apple's Mac and
> MacBook computers – and the worst part is that it's unpatchable.
>
> Academic researchers discovered the vulnerability, first reported by
> Ars Technica, which allows hackers to gain access to secret encryption
> keys on Apple computers with Apple's new Silicon M-Series chipset.
> This includes the M1, M2, and M3 Apple MacBook and Mac computer
> models.  
>
> Basically, this vulnerability can be found in any new Apple computer
> released from late 2020 to today.

This is a prefetcher vulnerability, and most platforms have prefetchers.
Security experts have long known that classical prefetchers open a side
channel that malicious processes can probe to obtain secret key material
from cryptographic operations.  This vulnerability is the result of the
prefetchers making predictions based on previous access patterns, which
can create changes in state that attackers can exploit to leak
information. 

The short of it is that researchers in a lab have figured out a way to
communicate with cryptography apps running on Apple Silicon in such a
way that they can learn the secret key used by those apps to encrypt
information.

The attack requires the user to download, install, and run a malicious
app on the Mac. The malicious app doesn't require root access but does
require the same user privileges needed by most third-party applications
installed on a macOS system.

M-series chips are divided into what are known as clusters. The M1, for
example, has two clusters: one containing four efficiency cores and the
other four performance cores. The targeted cryptography app must be
running on the same performance cluster as the malicious app for the
attack to be successful.

It takes time for the attack to work, but it can be successful:

"The attack works against both classical encryption algorithms and a
newer generation of encryption that has been hardened to withstand
anticipated attacks from quantum computers. The GoFetch app requires
less than an hour to extract a 2048-bit RSA key and a little over two
hours to extract a 2048-bit Diffie-Hellman key. The attack takes 54
minutes to extract the material required to assemble a Kyber-512 key and
about 10 hours for a Dilithium-2 key, not counting offline time needed
to process the raw data."

There are different ways to mitigate this vulnerability, most of which
incur a performance penalty, some of which don't. But in the worst case,
the performance penalty would only impact cryptographic operations in
specific applications or processes.

-- 
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR