Most people are not really at risk from "agencies around the world". Criminals in their own town present a much greater risk and Apple's biggest security flaw is allowing an iOS device logged in to iCloud to change the iCloud account password without additional authentication even if the device is secured by a PIN.
Sure. The agencies want you to believe that. You think “your” emails have never been scanned through NSA’s prism filters?
 
People are getting so upset here you’d think they have been already hacked.

How often do you use private key encryption on a day-to-day basis? The research paper mentions OpenSSH, is that used much outside the professional world? Maybe if you connect to a SFTP server regularly.

The M3 does have a solution, you would have to update your OpenSSH to a version that disables DMP in hardware. Which will impact OpenSSH performance but nothing else.

I wish I had an M3 instead of an M1, because that’s more secure, but honestly it doesn’t seem that big of a deal.
 
Not sure if trolling but you have nothing to worry about.

If you spend your life worrying about every edge case where something could go wrong, you’d never leave your home.
Worrying is what people do when they are helpless.

It’s not “worrying” when you educate yourself, take precautions and prepare for the worst. My kids’ piano tutor of 6 years came to her last piano lesson with us in early 2020 after she said COVID was “nothing to worry about” and giggled about people’s concerns. You would think a global pandemic would alter people in some way for the better but it doesn’t. Things just don’t penetrate some people’s skulls.
 
Emails are completely insecure. Everyone's emails have probably been scanned by multiple foreign agencies, Google and maybe Facebook.
yes, but people don't know that. They still think you need a written warrant with a person who manually scans every word in your email, just once for that warrant.

nevertheless, email *can* be secure. What you put in the envelope can be encrypted, coded as per your wishes. People may open and read the envelope but it'll be gibberish to them as long as they cannot decrypt it.
 
yes, but people don't know that. They still think you need a written warrant with a person who manually scans every word in your email, just once for that warrant.

nevertheless, email *can* be secure. What you put in the envelope can be encrypted, coded as per your wishes. People may open and read the envelope but it'll be gibberish to them as long as they cannot decrypt it.

Yes, for example Proton Mail is actual genuine secure end-to-end encrypted e-mail.
Unlike Apple, Google, Microsoft, etc. they don't sell people's personal data.
 
Worrying is what people do when they are helpless.

It’s not “worrying” when you educate yourself, take precautions and prepare for the worst. My kids’ piano tutor of 6 years came to her last piano lesson with us in early 2020 after she said COVID was “nothing to worry about” and giggled about people’s concerns. You would think a global pandemic would alter people in some way for the better but it doesn’t. Things just don’t penetrate some people’s skulls.

I wouldn’t call a global pandemic an edge case. Do you really feel helpless in regards to this exploit?
 
Yes, for example Proton Mail is actual genuine secure end-to-end encrypted e-mail.
Unlike Apple, Google, Microsoft, etc. they don't sell people's personal data.
Encrypted email is dead. E2E encryption may be there. However, an attacker can simply compromise the endpoint. At some point you have to decrypt the message at the endpoint or else the service itself is useless. Once it’s decrypted there, a rogue endpoint app/OS malware can leak the contents.
 
Hello,
I've spent a lot of time trying to understand this exploit, but still I don't have positive answers to these fundamental questions.
Can people with the knowledge of the matter please advise:

1. To enable this exploit, does someone need to have physical access to my computer, or me installing a malicious program as an Admin will be enough?
2. What is the actual real-world impact of a malicious attacker having access to my encryption keys, in layman's terms?
 
Hello,
I've spent a lot of time trying to understand this exploit, but still I don't have positive answers to these fundamental questions.
Can people with the knowledge of the matter please advise:

1. To enable this exploit, does someone need to have physical access to my computer, or me installing a malicious program as an Admin will be enough?
2. What is the actual real-world impact of a malicious attacker having access to my encryption keys, in layman's terms?
1. Installing a malicious program is enough. You may need to install Asahi Linux and boot from it though, as discussed in this thread.
2. I cannot tell if you actually have encryption keys or not. If you do, an application that uses them can be leveraged by the attacker to repeatedly use the encryption key until the malicious app has enough information to tell what is the encryption key value. An example of application using an encryption key is "ssh" or "sftp".
 
1. Installing a malicious program is enough. You may need to install Asahi Linux and boot from it though, as discussed in this thread.
2. I cannot tell if you actually have encryption keys or not. If you do, an application that uses them can be leveraged by the attacker to repeatedly use the encryption key until the malicious app has enough information to tell what is the encryption key value. An example of application using an encryption key is "ssh" or "sftp".
Thank you. So no impact to a casual user or a design professional? Neither me nor my wife use ssh or sftp.
 
It seems to me that the issue would be fixable by introducing a new API, let’s call it with_secure_context() that would receive a function and execute it in timing-insensitive mode. Apple Silicon already supports ARM data independent timing feature which does this, the issue with gofetch seems to be that enabling this mode does not correctly disable the prefetcher. However, the prefetcher can be disabled on M1/M2 by manipulating CPU control registers. This is why an API is required - the OS will ensure that all security features are correctly turned on.

As a final note, secure computing is hard. It is not realistic to expect that all code you run is completely secure and free from observable effects, and we shouldn’t try to build processors with such properties. It is however important that processors have a lower-performance secure mode to support these kinds of operations. This is what newer ARM and Intel processors support, and it’s IMO the correct path forward.
 
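The save/set/restore wrapper the post above proposes, as an added example that is not code from the poster, Apple or the GoFetch authors: `with_secure_context()` is the poster's hypothetical name, and `tags_equal` and `struct tag_pair` are constructed for illustration. It sets the Arm DIT bit only when the CPU reports FEAT_DIT and falls back to a plain call elsewhere; the extra control-register step the post mentions for M1/M2 is not covered.

```c
#include <stddef.h>
#include <stdint.h>

#define DIT_BIT (1ULL << 24) /* PSTATE.DIT as seen through the DIT register */

#if defined(__aarch64__) && defined(__APPLE__)
#include <sys/sysctl.h>
static int cpu_has_dit(void) {
    int v = 0; size_t n = sizeof v;
    return sysctlbyname("hw.optional.arm.FEAT_DIT", &v, &n, NULL, 0) == 0 && v;
}
#elif defined(__aarch64__) && defined(__linux__)
#include <sys/auxv.h>
#include <asm/hwcap.h>
static int cpu_has_dit(void) { return (getauxval(AT_HWCAP) & HWCAP_DIT) != 0; }
#else
static int cpu_has_dit(void) { return 0; } /* other targets: plain call */
#endif

#if defined(__aarch64__)
/* DIT is system register S3_3_C4_C2_5; touching it without FEAT_DIT traps. */
static uint64_t dit_read(void) {
    uint64_t v; __asm__ volatile("mrs %0, s3_3_c4_c2_5" : "=r"(v)); return v;
}
static void dit_write(uint64_t v) {
    __asm__ volatile("msr s3_3_c4_c2_5, %0" : : "r"(v) : "memory");
}
#else
static uint64_t dit_read(void) { return 0; }
static void dit_write(uint64_t v) { (void)v; }
#endif

typedef int (*secure_fn)(void *arg);

/* Hypothetical API from the post: run fn with DIT set, then restore it. */
int with_secure_context(secure_fn fn, void *arg) {
    int have = cpu_has_dit();
    uint64_t saved = have ? dit_read() : 0;
    if (have) dit_write(saved | DIT_BIT);
    int rc = fn(arg);
    if (have) dit_write(saved); /* put the caller's DIT state back */
    return rc;
}

/* Sample secret-dependent work: compare two 16-byte tags with no early exit. */
struct tag_pair { const uint8_t *a, *b; };
int tags_equal(void *p) {
    const struct tag_pair *t = p;
    uint8_t diff = 0;
    for (size_t i = 0; i < 16; i++) diff |= t->a[i] ^ t->b[i];
    return diff == 0;
}
```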
 
As posted elsewhere I'm not that bothered about this.

Firstly the work factor in this is really high which makes it infeasible to execute on a large scale attack without getting noticed. Secondly, the keys need to be in RAM for the entire time and most of the decent software out there zeroes the keys out when it's done. Thirdly, I'm the only user on this machine. Fourthly, I'm not likely to run any software on my machine with this exploit built in. Fifthly, there are a thousand lower hanging fruits than this.

This is really a critical vector if you have shared tenancy infrastructure like for example in AWS / GCP clouds etc.
 

This news was released when Apple released M3 chip MBA.

I read, M1-3 are affected. Did M4 fix this vulnerability? Will Apple replace M3 MBA with M4 MBA this summer?

@hohohong -- From that Other forum the Mods closed out... Yeah, this is pretty old news, but not just because of the March 2024 publication. In IT Industry terms, these so-called "Sidechannel" and "Prefetcher" attacks were observed in Intel and AMD CPUs going back to January 2018, when Meltdown and Spectre were documented; there were lab exercises that proved Mac OS is affected. Downfall and Inception were more of the same, documented in early 2022. This "GoFetch" attack is just another derivative. No surprise that Apple's M series is affected, of course, as the silicon was being designed in that same era where every trick in the book was thrown at chips to improve performance, even if only statistically.

Casual search doesn't reveal a CVE for "GoFetch", but Apple is renowned for stonewalling and **** moves when it comes to reported vulnerabilities. There are utilities from the OSF Unix/Linux sphere bundled into the OS, and present in Sonoma, that are vulnerable as ****, and Apple is like "Neeeever heard of 'em."

As a CPU design fault, there can't be a true "Patch", in the "We Fixed It!" sense of the word, for ANY derivative. Rather, the options are either:
  • Disable prefetch in hardware, OR,
  • Get the OS to split and obfuscate memory addresses where pointers or data happen to be lodged in RAM.
Either option impacts performance, although depending on workloads, some will be crushed, others unnoticeable.

What I want to know is, given the relevance of pre-fetch, in general, to performance (real, expected, perceived), is it even possible to resolve cache address exposure vulnerabilities? Obviously some chipsets don't have this issue, so why do these newer, fire-breathing, general purpose CPUs, now?

And the super-scary question - what about SCADA controllers? Those industrial control systems that automate industrial production and even your own home power meters? Rhetorical question; I know the answer is "We're ******."

Enjoy your webby-flix, or musics or whatever, Everyone. Sleep well. No, no... prolly not...
 
hmm…sounds like a pretty major yikes for Apple Silicon. we’ll have to see how this pans out in the long run, especially if I’m reading this article properly (halfway through my morning coffee) and the issue can’t exactly be patched…

looking forward to M4! 🤠
In which a whole slew of exploits will--inevitably--be found ;)

Nothing--in retrospect--is Golden.
 