.jpg "ByteDance to sell TikTok in the US ahead of schedule")
.jpg "Baidu Releases AI Model Competing with DeepSeek for Free")
.jpg "Real estate market in the south of Hai Duong city is bustling")
.jpg "Extremely dangerous forest fire risk in Kinh Mon, Chi Linh")
-ac017d3d3ce25d3405471795d6bb26f0.jpg "Gia Loc needs over 10 billion VND to invest in renovating and expanding landfills.")
Submit a comment
An unpatchable vulnerability in Apple's M-series chips for computers and tablets could allow hackers to extract secret encryption keys.
Researchers from the University of Washington, UC Berkeley, Carnegie Mellon, UIUC, and Georgia Tech call the attack GoFetch, a reference to a processor chip's Data Memory Prefetch (DMP), which is used to predict what data a computer will need next and retrieve it in advance. DMP makes processing faster, but can also reveal information about how a computer is performing.
The research shows that DMP, specifically the DMP in Apple's M series chips, can leak information even when the program is designed to not reveal any data during memory access. The researchers' tests showed that they could access sensitive information such as a 2048-bit RSA key in less than an hour.
According to the researchers, the vulnerability in the M chip cannot be patched and can only be mitigated by strengthening security in third-party encryption software. However, this may reduce chip performance when performing encryption, especially on the M1 and M2 chips.
This isn’t the first time security experts have found a threat in Apple’s DMP. In 2022, researchers discovered a similar vulnerability in the iPhone’s M1 and A14 Bionic chips that could lead to the Augury attack. However, it can’t extract sensitive data, while GoFetch is more dangerous and poses a greater security risk.
DMP attacks are uncommon and typically require physical access to a Mac. The researchers have notified Apple of the vulnerability. An Apple representative declined to comment when asked about the report.
TB (according to VnExpress)
