Midgard Wide Logo In White

An Apple Byte : Serious Apple Chip Vulnerability Discovered

US researchers have reported discovering a hardware chip vulnerability inside Apple M1, M2, and M3 silicon chips. The unpatchable ‘GoFetch’ is a microarchitecture vulnerability and side-channel attack that reportedly affects all kinds of encryption algorithms, even the 2,048-bit keys that are hardened to protect against attacks from quantum computers. 

This serious vulnerability renders the security effects of constant-time programming (a side-channel mitigation encryption algorithm) useless. This means that encryption software can be tricked by applications using GoFetch into putting sensitive data into the cache so it can be stolen. 

Pending any fix advice from Apple, users are recommended to use the latest versions of software, and to perform updates regularly. Also, developers of cryptographic libraries should set the DOIT bit and DIT bit bits (disabling the DMP on some CPUs) and to use input blinding (cryptography). Users are also recommended to avoid hardware sharing to help maintain the security of cryptographic protocols.

Facebook
Twitter
LinkedIn

Table of Contents

Leave a Reply

Your email address will not be published. Required fields are marked *

Contact

Midgard Short Logo In White

MyMidgard

Our Online Portal helps you keep ontop of your IT systems. Designed from the ground up by Midgard IT themselves.