• IP addresses are NOT logged in this forum so there's no point asking. Please note that this forum is full of homophobes, racists, lunatics, schizophrenics & absolute nut jobs with a smattering of geniuses, Chinese chauvinists, Moderate Muslims and last but not least a couple of "know-it-alls" constantly sprouting their dubious wisdom. If you believe that content generated by unsavory characters might cause you offense PLEASE LEAVE NOW! Sammyboy Admin and Staff are not responsible for your hurt feelings should you choose to read any of the content here.

    The OTHER forum is HERE so please stop asking.

Researchers discover unfixable bug in Apple’s M1, M2, and M3 Chips

realDonaldTrump

realDonaldTrump

Alfrescian
Loyal

Unpatchable vulnerability in Apple chip leaks secret encryption key​

https://arstechnica.com/security/20...secret-encryption-keys-from-apples-mac-chips/

A newly discovered vulnerability baked into Apple’s M-series of chips allows attackers to extract secret keys from Macs when they perform widely used cryptographic operations, academic researchers have revealed in a paper published Thursday.

The flaw—a side channel allowing end-to-end key extractions when Apple chips run implementations of widely used cryptographic protocols—can’t be patched directly because it stems from the microarchitectural design of the silicon itself. Instead, it can only be mitigated by building defenses into third-party cryptographic software that could drastically degrade M-series performance when executing cryptographic operations, particularly on the earlier M1 and M2 generations. The vulnerability can be exploited when the targeted cryptographic operation and the malicious application with normal user system privileges run on the same CPU cluster.

https://arstechnica.com/security/20...secret-encryption-keys-from-apples-mac-chips/
 
blackmondy

blackmondy

Alfrescian (Inf)
Asset
When you choose to use products from a commie company run by a fucking faggot, you deserved to be screwed in the ass.
 
Leongsam

Leongsam

High Order Twit / Low SES subject
Admin
Asset
Everything is fixable. Don't believe the clickbait.

However because the vulnerability involves exploiting a feature that speeds things up the patch will probably have a slight impact on speed in certain situations.
 
blackmondy

blackmondy

Alfrescian (Inf)
Asset
Scrooball (clone) said:
U think Thinkpads are not made in China? Haa
Click to expand...
Hardware made in China, not the software, you dumbass.
You dumb enuf not to install a fresh version of Windows OS yourself instead of using the hacked pre-installed one with backdoors all fully opened ?
Linpeh have been in IT since the early 90s dealing with high-performance computing used in Hollywood. Ever heard of Silicon Graphics ? Probably not. You're likely just a fucking sperm in your father's ball during that time.
Honestly, stupidity has no cure in your case.
 
Last edited:
Leongsam

Leongsam

High Order Twit / Low SES subject
Admin
Asset

Apple M-series chips have serious security flaw baked in, fix will result in performance hit​

Apple's M1 and M2 family of silicon has a baked in security vulnerability dubbed "GoFetch." (Image: Apple) Apple's M1 and M2 family of silicon has a baked in security vulnerability dubbed "GoFetch." (Image: Apple)
Security researchers have uncovered a major security vulnerability affecting Apple’s M1 and M2 family of chips. Using a crafted attack, researchers were able to use what is known as a “side-channel” to access and decode security keys used in widely used encryption services.
Sanjiv Sathiah, Published 03/22/2024 https://www.notebookcheck.com/Apple...ng-zu-Leistungseinbussen-fuehrt.816236.0.html https://www.notebookcheck-cn.com/Apple-M.816290.0.html ...
Apple ARM Security Desktop MacBook

Dragon's Dogma 2 review: Laptop and desktop benchmarks

85% Dell Inspiron 14 Plus 7440 laptop review: Dropping GeForce RTX for integrated Intel Arc

Acebeam E75 hands-on: Powerful but heavy EDC flashlight


A team of researchers has uncovered a serious security vulnerability dubbed “GoFetch” in Apple’s vaunted M-series silicon. The researchers created an app also called GoFetch that can extract keys for cryptography methods including 2048-bit RSA keys, DH-2048, Kyber-512 and Dilithium-2 in timeframes ranging from under an hour to around 10 hours. The flaw is said to particularly affect Apple’s M1 and M2-based chips and exploits what is known as a “side-channel” in the way the chips execute end-to-end key extractions related to typical security related scripts including authentication tasks that require security keys and encryption.

Apple has made a tool it calls CryptoKit to help make it easier for developers to deploy security controls for their apps, but the issue isn’t with Apple’s software, but with the chips’ microarchitecture. Resultantly, an attacker can extract otherwise secret keys to decrypt data. As the vulnerability is baked into the silicon and the way certain cryptographics tasks are handled, the only way to fix it will be for Apple to issue a software patch. However, as Ars Technica highlights, patching the flaw in this way will result in a significant hit to performance.

The chip-level vulnerability recalls the silicon-level security vulnerabilities like Meltdown and Spectre which affected some Intel, AMD, IBM and some Arm-based chips. In one test, following the application of a patch to address Spectre-V2, an Intel Core i9-12900K (Alder Lake) chip saw performance hits between 14.5% and 26.7%. Apple is yet to officially respond to the researcher’s claims, but the researchers have alerted Apple to the issue and patch should be forthcoming if indeed Apple hasn’t already addressed it.

Source(s)​

Ars Technica
GoFetch
 
blackmondy

blackmondy

Alfrescian (Inf)
Asset
Leongsam said:

Apple M-series chips have serious security flaw baked in, fix will result in performance hit​

Apple's M1 and M2 family of silicon has a baked in security vulnerability dubbed "GoFetch." (Image: Apple) Apple's M1 and M2 family of silicon has a baked in security vulnerability dubbed "GoFetch." (Image: Apple)
Security researchers have uncovered a major security vulnerability affecting Apple’s M1 and M2 family of chips. Using a crafted attack, researchers were able to use what is known as a “side-channel” to access and decode security keys used in widely used encryption services.
Sanjiv Sathiah, Published 03/22/2024 https://www.notebookcheck.com/Apple...ng-zu-Leistungseinbussen-fuehrt.816236.0.html https://www.notebookcheck-cn.com/Apple-M.816290.0.html ...
Apple ARM Security Desktop MacBook
Dragon's Dogma 2 review: Laptop and desktop benchmarks's Dogma 2 review: Laptop and desktop benchmarks
Dragon's Dogma 2 review: Laptop and desktop benchmarks
Dell Inspiron 14 Plus 7440 laptop review: Dropping GeForce RTX for integrated Intel Arc
85% Dell Inspiron 14 Plus 7440 laptop review: Dropping GeForce RTX for integrated Intel Arc
Acebeams E75 with accessories. (Photo: Andreas Sebayang/Notebookcheck.com)
Acebeam E75 hands-on: Powerful but heavy EDC flashlight
Asus Expertbook B5 Flip B5402F review: The business convertible allrounder
89% Asus Expertbook B5 Flip B5402F review - A great convertible with a catch
Next Page ⟩
A team of researchers has uncovered a serious security vulnerability dubbed “GoFetch” in Apple’s vaunted M-series silicon. The researchers created an app also called GoFetch that can extract keys for cryptography methods including 2048-bit RSA keys, DH-2048, Kyber-512 and Dilithium-2 in timeframes ranging from under an hour to around 10 hours. The flaw is said to particularly affect Apple’s M1 and M2-based chips and exploits what is known as a “side-channel” in the way the chips execute end-to-end key extractions related to typical security related scripts including authentication tasks that require security keys and encryption.
Apple has made a tool it calls CryptoKit to help make it easier for developers to deploy security controls for their apps, but the issue isn’t with Apple’s software, but with the chips’ microarchitecture. Resultantly, an attacker can extract otherwise secret keys to decrypt data. As the vulnerability is baked into the silicon and the way certain cryptographics tasks are handled, the only way to fix it will be for Apple to issue a software patch. However, as Ars Technica highlights, patching the flaw in this way will result in a significant hit to performance.
The chip-level vulnerability recalls the silicon-level security vulnerabilities like Meltdown and Spectre which affected some Intel, AMD, IBM and some Arm-based chips. In one test, following the application of a patch to address Spectre-V2, an Intel Core i9-12900K (Alder Lake) chip saw performance hits between 14.5% and 26.7%. Apple is yet to officially respond to the researcher’s claims, but the researchers have alerted Apple to the issue and patch should be forthcoming if indeed Apple hasn’t already addressed it.

Source(s)​

Ars Technica
GoFetch
Click to expand...
Apple is like the fucking CCPee. They will always be in denial, suppressing the critics and at the same time quietly tying up the loose ends in the background and just act blur.
 
Last edited:
Leongsam

Leongsam

High Order Twit / Low SES subject
Admin
Asset
blackmondy said:
Apple is like the fucking CCPee. They will always be in denial, suppressing the critics and at the same time quietly tying up the loose ends in the background and act blur.
Click to expand...

Name me one major company that does NOT behave in this manner.
 
blackmondy

blackmondy

Alfrescian (Inf)
Asset
Leongsam said:
Name me one major company that does NOT behave in this manner.
Click to expand...
Most companies will have little success suppressing critics, and will be forced to own up eventually, unlike Apple which will elbow the media to its will.
Or is this your first day in IT ?
 
glockman

glockman

Old Fart
Asset
blackmondy said:
Hardware made in China, not the software, you dumbass.
You dumb enuf not to install a fresh version of Windows OS yourself instead of using the hacked pre-installed one with backdoors all fully opened ?
Linpeh have been in IT since the early 90s dealing with high-performance computing used in Hollywood. Ever heard of Silicon Graphics ? Probably not. You're likely just a fucking sperm in your father's ball during that time.
Honestly, stupidity has no cure in your case.
Click to expand...
Wow, SGI. Haven't heard that name in a long time. They made high end computers, were super fast running risc processors. Famous for using water cooled system in their computers.
 
You must log in or register to reply here.

Similar threads

SBFNews
MIT researchers uncover ‘unpatchable’ flaw in Apple M1 chips
Replies
3
Views
930
blackmondy
blackmondy
gsbslut
Has China lost its taste for the iPhone?
Replies
0
Views
279
gsbslut
gsbslut
SBFNews
Russia accuses Apple of 'close cooperation' with US spy agencies in espionage plot to 'hack thousands of iPhones with invisible iMessages'
Replies
1
Views
451
tanwahtiu
T
gsbslut
Married Washington nurse accused of 'forcing abortion pills inside his pregnant girlfriend during sex
Replies
2
Views
376
bigozt
B
SBFNews
The tech flaw that lets CCP hackers control surveillance cameras
Replies
12
Views
1K
duluxe
duluxe
Top