Researchers Disclose Unfixable Vulnerability in Apple’s M-Series Chips

Academic researchers have disclosed a significant security concern with Apple’s M-series chips, revealing a vulnerability that allows attackers to extract secret encryption keys from Macs (via ArsTechnica).

Unlike traditional software vulnerabilities that can be patched directly, this flaw is deeply rooted in the microarchitectural design of Apple silicon, rendering it unpatchable through conventional means. Instead, mitigating this vulnerability necessitates building defenses into third-party cryptographic software.

The flaw, detailed in a paper published recently, exploits a side channel in the chips’ data memory-dependent prefetcher, a hardware optimization that predicts memory addresses of data likely to be accessed soon.

This flaw affects both older and newer generations of Apple’s M-series chips, including the M1 and M2.

Named “GoFetch” by researchers, the attack utilizes an application that doesn’t require root access, making it accessible to most third-party applications installed on macOS systems. It operates with the same user privileges as ordinary applications, enabling it to extract secret keys from cryptographic operations.

This vulnerability poses a significant threat to the security of Mac systems, allowing attackers to compromise encryption algorithms and potentially access sensitive data.

The exploitation process, while intricate, can yield significant results, with extraction times ranging from minutes to hours depending on the encryption key’s length and complexity.

Apple has yet to comment on the disclosed vulnerability, leaving users and developers concerned about the potential impact on device security.

As developers work to address this issue, implementing defenses against such attacks will likely come with performance penalties, affecting the efficiency of cryptographic operations on affected devices.
