Holy shit.. #Apple, can I get a refund?
Unpatchable vulnerability in Apple chip leaks secret encryption keys
Unpatchable vulnerability in Apple chip leaks secret encryption keys
Fixing newly discovered side channel will likely take a major toll on performance.Ars Technica
Jonathan Lamothe reshared this.
Collectifission
in reply to stux⚡ • • •stux⚡
in reply to Collectifission • • •stux⚡
in reply to stux⚡ • • •"The vulnerability can be exploited when the targeted cryptographic operation and the malicious application with normal user system privileges run on the same CPU cluster."
Someone really dropped the ball on this one
Scott Armitage
in reply to stux⚡ • • •I’m sure we’ll see more security flaws to be fixed in the future as M-Series becomes a juicier target.
Wenslauw
in reply to stux⚡ • • •RichardInSandy
in reply to stux⚡ • • •stux⚡
in reply to RichardInSandy • • •A B
in reply to stux⚡ • • •stux⚡
in reply to A B • • •@ab78702 If it was fixable perhaps
This one really hurts a load of people, who knows how many backdoors are out there already
I only want the most secure for every system, no matter of Linux, Win or mac
hybrid havoc :1m: :rm:
in reply to stux⚡ • • •stux⚡
Unknown parent • • •@freemo Perhaps indeed
This one is quite serious, my mac isn't even that old and basically unsafe now
stux⚡
Unknown parent • • •Henri Verymetaldev
in reply to stux⚡ • • •Trebach
in reply to stux⚡ • • •reshared this
ClaudioM and I am Jack's Lost 404 reshared this.
Hunterrules
in reply to stux⚡ • • •JoeBecomeTheSun
in reply to stux⚡ • • •Bryan Whitehead
in reply to stux⚡ • • •@ErikUden
The full article actually lists 3 different fixes.
Most straightforward for M1 & M2 is restricting processes that handle certain keys to the efficiency CPU’s that don’t have this cpu cache being exploited.
For the M3 a bit can be set for memory that has these keys so they can’t exist in the vulnerable cache.
This is a clickbait title being they actually disclose these fixes in the article… 😵💫
Jonathan Lamothe
in reply to Bryan Whitehead • •Bryan Whitehead
in reply to Jonathan Lamothe • • •@me
M3 with bit fiddling is the arm designed “correct way” as far as I know.
I’m just a muppet compared to the true ARM masters like @marcan. There is a great 🧵 from him here about this vulnerability: https://social.treehouse.systems/@marcan/112135772533553951
Hector Martin (@marcan@treehouse.systems)
Treehouse MastodonHector Martin
in reply to Jonathan Lamothe • • •@me @Bryan No, this is by design. The chips have an optimization that is not secure to do for crypto code. Crypto code is supposed to set a bit to ask for these optimizations to be turned off. This is a standard ARM architecture mechanism that was released 7 years ago. It doesn't make any sense to turn off this optimization for everything since it only matters for crypto stuff, that's why this bit exists so the CPU knows when it's safe to do this optimization and when not.
This works as intended for M3. For M1 and M2 it does not, but I absolutely guarantee there's a workaround, because CPUs always have special bits to turn off features like this in general, just Apple forgot to hook it up to the "standard" bit prior to M3. It's up to Apple to develop a kernel-level workaround for M1/M2.
Bryan Whitehead
in reply to Hector Martin • • •@marcan @me
Thanks for the correction and clarity.
Eragon
in reply to Hector Martin • • •Hector Martin
in reply to Eragon • • •They could fix it in a kernel update by disabling the optimization globally (at a performance cost). To disable it only for crypto code they will have to create a new API and get developers to use it, since they will have to add new syscalls to twiddle the disable bit via the kernel.
It is *possible* that a trap mechanism exists that could hook this up to the standard bit (with kernel assistance) and avoid needing a new API, but we haven't observed the existence of such a mechanism yet.
Jonathan Lamothe
in reply to Hector Martin • •Scott Williams 🐧 likes this.
Hector Martin
in reply to Jonathan Lamothe • • •Megahertz
in reply to stux⚡ • • •kat
in reply to stux⚡ • • •Torlais Neoini
in reply to stux⚡ • • •Lee
in reply to stux⚡ • • •BirdInFire :emoji_squint:
in reply to stux⚡ • • •Stefan Burger
in reply to stux⚡ • • •LanguageMan1
in reply to stux⚡ • • •Justin
in reply to stux⚡ • • •Bebef 🦦🇪🇺🏴☠️🏳️🌈🏳️⚧️🚙🐼🥦🚩🏴
in reply to stux⚡ • • •That indeed is an interesting question, that I would like to have a legal answer to, you know, from a product liability and consumer rights perspective.
If something is broken, you have a right to get it fixed (at least in a limited way where I live). If it can't be fixed, you have a right for reverse transaction.
I wonder if this applies here. In my opinion it does, but #IANAL
Foppe de Haan
in reply to stux⚡ • • •