1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • GoFetch security flaw is "unpatchable" on Apple M1 and M2 chips

    From TechnologyDaily@1337:1/100 to All on Tue Mar 26 13:30:05 2024
    GoFetch security flaw is "unpatchable" on Apple M1 and M2 chips but all is not lost

    Date:
    Tue, 26 Mar 2024 13:23:36 +0000

    Description:
    Speculative Apple feature vulnerability can't be fixed with a patch, but
    there is a workaround, researchers claim.

    FULL STORY ======================================================================

    The researchers who recently uncovered the GoFetch vulnerability affecting Apple M1 and M2 chips have come forward with new information that could be both good and bad news.

    GoFetch plagues Apple M-series and Intel Raptor Lake CPUs, and could result
    in the theft of sensitive information. It is described as a side-channel attack that leans on the performance-enhancing prediction features many
    modern silicons carry.

    In that respect, its similar to previously disclosed vulnerabilities such as Spectre or Meltdown. To achieve better performance, some chips try to predict the softwares next moves, and load the data in the memory in advance. That way, when the data is needed, its already present and thus results in faster performance. But this data can be leaked, and fixing the issue might mean a decrease in performance. Good news and bad news

    The good news is that generally, this vulnerability can be easily addressed
    by disabling the speculative feature.

    True, it will result in poorer performance, but in the case of GoFetch, that decrease in performance would only be limited to cryptographic functions, so it shouldnt be that big of a deal. The bad news is that this problem cannot
    be solved on the M1 and M2.

    "We observe that the DIT bit set on M3 CPUs effectively disables the DMP.
    This is not the case for the M1 and M2," the researchers explained.

    The silver lining here is that there is a workaround. As The Register explained in its writeup, Apples M-series chips have two types of cores: Firestorm and Icestorm. GoFetch only works on Firestorm cores, meaning that
    if cryptographic functions are to be moved over to Icestorm, it would solve the problem. However, Icestorm is smaller and slower than Firestorm, so the performance will still take a hit. Security wont however, and that should be the whole point. More from TechRadar Pro Python devs are being targeted by this massive infostealing malware campaign Here's a list of the best
    firewalls around today These are the best endpoint security tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/gofetch-security-flaw-is-unpatchable-on -apple-m1-and-m2-chips-but-all-is-not-lost


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)