Researchers from several American universities have just discovered a serious security flaw at the very heart of Apple’s M chips which equip Macs and MacBooks. And it is impossible to correct.

Macs have long been considered secure computers, and even, by some, impregnable fortresses, unlike PCs. That is all the more true now that Apple controls not only its operating system but also the processors that power its machines, with its own in-house chips: the famous M1, M2 and, more recently, M3, whose performance has been widely acclaimed by critics. Alas, with all due respect to fans of the Apple brand, macOS is not immune to bugs, security flaws and viruses of all kinds, like all operating systems. And it seems that this is also the case for M chips, whose reputation could take a serious hit.

A group of computer security researchers from several American universities has revealed a significant flaw that affects the M1, M2 and M3 chips. Named GoFetch, this flaw would allow experienced hackers to recover encryption keys with impunity and thus get their hands on sensitive data stored on the Mac. That is not very reassuring, especially since the researchers indicate that the program needed to do this does not require any specific installation with special authorizations. Less than an hour was enough for them to recover an RSA-2048 key.

The attack targets the DMP (Data Memory-dependent Prefetcher), a prediction function allowing the processor to anticipate the next instructions of a program and store them in memory before it needs them in order to accelerate processing – a function that has existed for a long time on Intel and AMD chips. However, among this data are sensitive elements that a malicious program can take advantage of to find encryption keys. All this spy app needs is to run on the same CPU cluster (set of processor cores) as the program being attacked.

Apple chip security flaw: no cure on the horizon

Alerted in December 2023, Apple has not yet reacted to the threat. And we understand why. This flaw affects the very design of its chips. No software patch can fix a physical problem. The researchers have not yet carried out tests on the Pro, Max or Ultra versions, but they indicate that, since the architecture is identical, the risks should be approximately the same, which is hardly reassuring.

These experts give some ideas for mitigating the risks, but they are not without consequences, particularly for the performance of the chips. One, for example, is to do without the DMP when running sensitive applications: processing would be safer, but inevitably slower. Another solution would be to perform encryption calculations only on low-power cores. But, again, with a big loss of performance.

In short, even if the risks of hacking remain low (serious technical skills are still required to carry out attacks exploiting this flaw), users of Macs equipped with M chips have every interest in being extra vigilant when installing applications on their machines while waiting for Apple to develop a solution.
