Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Silicon Vulnerability Allows Hackers to Extract Encryption Keys
- Thread starter MacRumors
- Start date
- Sort by reaction score
how did you read the post, links, the whole thread, and somehow get this take?
Yeah smart post, M3 is also effected so upgrade to what??? I just bought the M3 Air, thinking of returning it and wait for next year as I don’t really need it right now.
FUD 🤓![]()
DMP-style attacks are not common, and typically require physical access to a Mac.
This makes me angry!
I expected better from Apple, now that Apple Silicon is in its 5th year and Apple's self-touted security.
Once Apple releases security-fixed Silicon, Apple should give us one-to-one replacement M-devices for the premium we've paid to have them. 🤔
![Screenshot 2024-03-22 at 5.40.08 PM.png]( "Screenshot 2024-03-22 at 5.40.08 PM.png")
I expected better from Apple, now that Apple Silicon is in its 5th year and Apple's self-touted security.
Once Apple releases security-fixed Silicon, Apple should give us one-to-one replacement M-devices for the premium we've paid to have them. 🤔
Last edited:
It's really difficult to make concrete risk assessment and recommendation simply because all this is so academic. In the paper they are not talking about passwords at all. The topic they are discussing is asymmetric key encryption (what is used for example for popular SSH and HTTPS protocols). What their attack does is discover the private part of the key, which potentially allows the attacker to spoof your identity to a service (e.g. sign an email in a way they believe it comes from you).
To execute this exploit the attacker would need to run some fairly intensive code on your computer, have access to a cryptographic service that uses your private keys, and also now the exact algorithm that service is running. Probably the most obvious vector of attack would be via browser, and this can be trivially mitigated by occasionally moving long-running threads between different CPU clusters (which Apple is already doing anyway).
So yeah, probably not something one should worry too much about.
This may be a silly question but why don’t tech companies have to do recalls when there is a security issue like this found that can’t be patched?
I mean, you buy a new car and they find an issue, they do recalls on the vehicle. Just curious.
I mean, you buy a new car and they find an issue, they do recalls on the vehicle. Just curious.
This article from the Register explains things well it notes M1 m2 and M3 chips are vulnerable as stated but DMP can be disabled on M3 CPU's which would seriously degrade performance, interestingly the test was only on base models.
"
The researchers were able to successfully mount end-to-end attacks on Apple hardware containing M1 processors, and found that base-model M2 and M3 Apple Silicon CPUs display similar exploitable behaviour. Other Apple Silicon variants weren't tested.
Well I won't me not buying a M3 OLED iPad this year. Interesting how much more robust Intel chips were. Maybe Apple should just make jewellery that's expensive, I bet the diamonds would be flawed though.
Intel processors are at risk too, but less so, the team notes. "Intel's 13th Gen Raptor Lake microarchitecture also features a DMP. However, its activation criteria are more restrictive, making it robust to our attacks."
www.theregister.com
"
The researchers were able to successfully mount end-to-end attacks on Apple hardware containing M1 processors, and found that base-model M2 and M3 Apple Silicon CPUs display similar exploitable behaviour. Other Apple Silicon variants weren't tested.
Well I won't me not buying a M3 OLED iPad this year. Interesting how much more robust Intel chips were. Maybe Apple should just make jewellery that's expensive, I bet the diamonds would be flawed though.
Intel processors are at risk too, but less so, the team notes. "Intel's 13th Gen Raptor Lake microarchitecture also features a DMP. However, its activation criteria are more restrictive, making it robust to our attacks."
Hardware-level vulnerability found in Apple Silicon CPUs
Short of redesigning CPUs, the fix will seriously degrade performance
This issue is not going to affect you as much as it requires access to the hardware directly. What is screws over is m1 and M2 chips being used in server farms.
Just like in the past on intel security issues in their server chips. It hurt at the server level due to the leaking.
The other part is might hurt us all encryption in general on an app as someone might be able to crack the salt or the more master keys and then spread out from there but that is a bigger thing.
Depends on the risk. For most users this falls in acceptable risk. For server farms that might be another story.
I want to thank all the world renowned security experts who came to macrumors to give us all the answer to how this is and isn’t patchable and how we are totally not screwed but also absolutely also are. This discussion was as clear as mud.
The National Traffic and Motor Vehicle Safety Act gives NHTSA the authority to issue vehicle safety standards and to require manufacturers to recall vehicles that have safety-related defects or do not meet Federal safety standards.
There is no such law applicable to tech companies. And talking out loud about regulating all these massive tech companies that have no limit to their greed and want to take over every possible industry seems to be a no-no. The fanboys will be up in arms.
Depends on the apps you use. It may be ssh private key, it may be VPN private key.
In the paper they demonstrated the exploit on both OpenSSL and Golang's RSA implementation. OpenSSL is widely used. So imagine some (web)server app running on the Mac with SSL enabled.
As for the macOS disk encryption, it's unaffected because it's using secure enclave and as such, it should be safe from this particular exploit.
So messages are encrypted and Email is open to hacks at any time and servers and networks get hacked as well all the time and no one is responsible for the loss.
This test was all in Lab setting I'm guessing so they had the software for both sides of the hack setup network side and
network side in house.
What am I supposed to be afraid of again?
This test was all in Lab setting I'm guessing so they had the software for both sides of the hack setup network side and
network side in house.
What am I supposed to be afraid of again?
Yeah they can turn off DMP and cripple the M3 chip performance wise, please read the info available that's been posted.This cannot be fixed with microcode fixes in M1, M2 and M3. The only option is software mitigation which which would cause a big loss in performance, that's what has been explained so far. A new M series architecture is needed to fix this.
*Edited due to lack of coffee first thing in the morning.
Last edited:
Well, I just hope apple gives us the OPTION of opting into doing the software patch and crippling our machines vs not and having better performance. Not all of us have nuclear launch codes on our machines
I doubt that, lots of Mac minis are sometimes used in server farms, Apple will have to patch I imagine across the board as some bad actor will find a way to exploit it at some point. Apple knew about this since December it appears, with all the other things happening like the dropping of micro LED and this big drive to generative AI, I am seriously wondering what Apple are going to do next to fix this hardware wise going forward.
I can't see loads of people wanting to upgrade to new possible OLED M3 iPads with a major flaw in the CPU's that can't be fixed until Apple change the architecture with a M4 or even a M5, as I imagine the M4 is already pretty set in stone, lets hope Apple changed the way DMP behaves on it, otherwise that chip will have the same issues.
That would depend on the issue, wound't it? This particular exploit is akin to a criminal hitching a ride in your car and listening to the sounds of the ignition to guess the shape of your key. Would you recall a car because of this?
Ok, maybe someone with a bit more knowledge could hear me out.
Anxious person here, first ever Mac since a month ago: MBP 14” M3Pro.
I’ve only gotten used to it and still explore after a life of windows.
I thought I’ve “got it all” now, speed, durability, safety, efficiency.
Do I have to be worried or is this machine a lost case like, let’s say the dilemma with the butterfly keyboard or something completely flawed?
Thanks for the help!
Anxious person here, first ever Mac since a month ago: MBP 14” M3Pro.
I’ve only gotten used to it and still explore after a life of windows.
I thought I’ve “got it all” now, speed, durability, safety, efficiency.
Do I have to be worried or is this machine a lost case like, let’s say the dilemma with the butterfly keyboard or something completely flawed?
Thanks for the help!
This still requires the attacker to run their resource-intensive exploit code within the web server. So they need to gain access to your machine first somehow.