The Flaw in Apple’s M-Series Chips: A New Challenge for Encryption Security

[TL; DR]

Some versions of Apple’s MacOS and iPad tablets have flaws in their M-Series chips.

Apple said that its MacOS and iPad tablets have strong security measures to prevent any malicious exploits.

It is in the best interest of crypto users with Apple’s MacOS and iPad tablets with the cited flaws to remove their digital assets from them.

Keywords: Apple M-series chip vulnerability, Unpatchable flaw encryption security, GoFetch exploit Apple, M1 and M2 chip security flaw, Cryptographic software Apple chips, Encryption key extraction Apple, Side channel exploit M-series, Apple chip security vulnerability, Digital threats macOS, Apple encryption flaw mitigation, crypto scam, crypto scammers, crypto exploit

Introduction

Crypto users who have computers and iPads that use Apple’s M1 and M2 chips are facing a security threat that may lead to thefts of their cryptocurrencies. Thus,such crypto users should take extra care to protect their digital assets.

This article explores the flaw in Apple’s M-series chips and how users can mitigate the risks they pose. We will also discuss how Apple computer and tablet users can protect their digital assets.

Discovery of the Vulnerability

A group of researchers have discovered a serious vulnerability within Apple’s M-series chips which may affect the security of digital assets like cryptocurrency stored in them. In a recent report the scholars from various top United States universities explain how crypto scammers can access Secret keys and other encrypted data from MacBook devices through cryptographic means.

The vulnerability exists within microarchitecture of Apple’s M1 and M2 chips making it impossible to use direct patches to solve the problem. According to the report, published on 21 March, the vulnerability is a side chain attack which enables hackers to obtain MAC’s end-to-end encryption keys when the Apple chips run common cryptographic protocols.

Understanding the Unpatchable Nature

As hinted above, the Apple chip vulnerability is unpatchable since it is engrained in the microarchitectural silicon itself. Basically the uses the data memory-dependent prefetcher (DMP) in these chips to predict and pre-load data as well as to minimize the CPU and memory latency.

However, by design the DMP often mistakenly interprets the memory content as pointer addresses which leads to data leakages through side chains. Therefore, the attackers can capitalize on these prefetcher mistakes through devising inputs which the DMP recognizes as addresses leading to the leakage of encryption keys. This process is a significant aspect of the GoFetch attack.

Explaining this process, the researchers said, “Our key insight is that while the DMP only dereferences pointers, an attacker can craft program inputs so that when those inputs mix with cryptographic secrets, the resulting intermediate state can be engineered to look like a pointer if and only if the secret satisfies an attacker-chosen predicate.”

The reason why the vulnerability is unpatchable is that it exists in Apple’s chips, not its software. Therefore, the researchers have advised that the best solution is to manufacture new cryptographic software Apple chips. Alternatively, there is a need for third-party cryptographic software that controls the performance of the Apple M-series chips to prevent the M1 and M2 chip security flaw.

The GoFetch Exploit Explained

The GoFetch exploit refers to the Apple M-series chip vulnerability that enables hackers to capitalize on the memory access patterns to obtain sensitive data like the encryption keys which cryptographic applications utilize. In this case, the hack only requires standard user privileges similar to the ones which regular applications require.

Read also: Apple’s Venture Into The Metaverse

To clarify, with a GoFetch exploit the hackers take advantage of the weaknesses that exist in the data memory-dependent prefetchers (DMPs). Basically, the enables DMP data leaks out of the core’s cache. It is important to understand that such a side channel exploit M-series occurs when essential information leaks as a result of the design of a computer protocol or algorithm.

Also, the encryption key extraction Apple app can mine the secret keys as long as it is running on the same performance cluster as the targeted cryptography app,even if they are on separate cores.

Again, the GoFetch exploit Apple application can extract a 2048-bit RSA key within one hour and a 2048-bit Diffie-Hellman key within two hours. On the other hand, it requires about 54 minutes to extract the data needed to assemble a Kyber-512 key and about 10 hours to generate a Dilithium-2 key.

Mitigation and Performance Trade-off

First off, this Apple Chip vulnerability is not as threatening as the above explanation seems to indicate. The attack normally takes much time as it is fairly difficult to carry out. Thus, the GoFetch exploit Apple does not pose much threat to crypto users.

Second, for the attacker to capitalize on the unpatchable encryption security weakness he/she should first install a malicious app on the computer or iPhone. Also, by default Apple is designed to block unassigned malicious apps that may try to access the computer .

Read also: Apple’s Metaverse Ambition

The other reason why the digital threat macOS has a very slim chance of success is that it takes over 10 hours for the hack to complete. Notably, during that lengthy period the computer should run continuously. This means that an individual who restarts his/her computer after about 5 hours may foil such an attack.

Since it is not very possible to disable the DMPs on M1 and M2 CPUs without heavily affecting the functioning of the the developers may need to update the software so that it can automatically disable the DMPs or prevent the activation of the key-dependent DMP.

An individual may also choose to run all cryptographic code on “Icestorm” cores since they do not have DMPs. However, that may affect the performance of the computer in a serious way. It is also possible that future updates from Apple may enable them without due notice.

Nonetheless, Apple seems to play down the threat which the scholars discovered. It believes that there is little chance for successful crypto exploit on any of its gadgets since they have ample security measures ingrained in the .

In its community forum Apple said, “We want to thank the researchers for their collaboration as this proof of concept advances our understanding of these techniques.”

Read also: Bitcoin Whitepaper in Every Apple Computer

It then added, “Based on our analysis as well as the details shared with us by the researchers, we have concluded this issue does not pose an immediate risk to our users and is insufficient to bypass operating security protections on its own.”

Broader Implication for Digital Security

The research findings discussed above have highlighted the need for digital asset users to be extremely vigilant when using Mac computers and iPad tablets which are susceptible to leaks of essential data like cryptographic keys and passwords which also secure digital wallets. The reason is that once a hacker accesses such information he/she can drain your digital assets. Even if the risk for hacking through that process is low, crypto users who manage their digital assets using these devices should not ignore the warning.

Recent Security Gaps in iOS and MacOS which Increase the Chance of Security Breach

The GoFetch exploit Apple is not the only digital threat MacOS computers and iPad tablets face. Recently Kaspersky reported that recently Apple released several updates as a result of vulnerabilities in its iOS and macOS devices which may allow bad actors to steal sensitive data as well as digital assets. Due to such vulnerabilities Apple urged the users to update their devices to iOS 16.4.1 and macOS 13.3.1.

In fact, these devices had two threats namely CVE-2023-28205 and CVE-2023-28206 which could allow hackers to zero-click exploits. With this, the victims may be directed to phishing websites where malicious actors would target them using different crypto scam tricks in order to steal their digital assets.
Also, it would allow malware to be installed automatically inside the devices. Once a malware is installed the attackers would run certain codes and control the devices.

Read also: Metamask Notifies Apple Users Over iCloud Phishing Attack

How to Keep Your Crypto Safe?

If you keep digital assets in Apple’s Macs or iPad tablet the best thing is to transfer them to another device. You can store them on hardware wallets or suitable digital devices such as Windows PC, Android phones or iPhones.

Related news: Protecting Your Digital Assets in the Crypto Landscape

The other important thing to do is to avoid installing applications from unidentified developers and untrusted sources. If you already have such apps on your device remove it immediately to prevent any crypto exploit.

Recent tips: 10 steps to keep your crypto assets safe

Lastly, Apple users with the cited devices should always take heed of any malware s they receive. The Apple encryption flaw mitigation discussed above and these security measures may save you from losing your digital assets.

Conclusion

A recent scholar report from researchers from several top United States universities has warned that the earlier versions of Apple’s MacOS and iPad tablets have vulnerabilities in their M-series chips which may allow hackers to access encryption keys and passwords. However, only the M1, M2, and M3 chips have such security flaws. The best thing crypto users can do is to remove their digital assets from such gadgets.