On June 2022, 6, MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) released a report outlining an irreparable flaw in Apple's popular M10 chip.The Apple M1 chip is found in millions of MacBooks, iMacs and iPads around the world, and has been a vital part of the company's ecosystem since 1.
But what does this vulnerability mean, is your Apple device safe?
MIT researchers discover an unpatchable flaw in Apple's M1 chip
Apple devices have several lines of defense to prevent applications from running malicious code.The last line of defense is the M1 chip's pointer authentication mechanism, a hardware tool designed to detect changes in software code.
Pointer authentication works by creating a cryptographic signature called a Pointer Authentication Code (PAC).When a piece of software runs, the M1 chip checks its stored PAC to make sure it matches the code provided by the software.If authentication fails, the software will crash, providing an excellent safety net while providing software security.
Are Apple's M1 Chip Flaws Dangerous?
Named PACMAN by the MIT researchers who discovered it, the exploit exploits the M1 chip's PAC system by guessing a software PAC.This is accomplished through a hardware side channel that enables researchers to run through all possible values of pointer authentication until they find the correct guess.
Unfortunately, since this is a hardware bug, not a software bug, there's little Apple can do to fix the problem other than recalling the device.This would be a bigger problem if it weren't for the other lines of defense Apple devices have.
The PACMAN attack will only succeed if the system already has a software vulnerability, which Apple takes very seriously.
Still, it would be wrong to say that PACMAN is harmless.If PACMAN is used to bypass pointer authentication on the device, there is nothing to prevent an attacker from taking full control of the device.That's concerning given the number of M1-equipped devices sold over the past few years.
Impact of Apple M1 Chip Vulnerability
In 2022, more than 23% of business users in the U.S. use Apple devices, a stark contrast to a market Microsoft once dominated.Businesses and other large organizations are favorable victims for attackers because their large internal networks make it possible to conduct a wider attack.
In such an environment, it's also harder to avoid software vulnerabilities, especially when it comes to security updates.
Future Apple and ARM processors
While the idea of a widespread Apple bug sounds scary, the MIT CSAIL researchers made it clear that they were concerned about future hardware issues.Both Apple and ARM processors use pointer authentication for security, which will continue into the future.
As more devices with pointer authentication enter the market, the risk of exploits like this one will only increase.Thankfully, both Apple and ARM have issued statements that they are aware of the issue and are investigating affected products to keep them safe.
Apple M1 Chip Vulnerability: Is Your Device Safe?
In short, yes.Your device is currently safe.It's impossible to prevent the PACMAN exploit because the problem is embedded in the M1 chip, but that doesn't mean your iPad or MacBook will stop working.PACMAN is only a problem when there is a software vulnerability that allows the exploit to be exploited.This is unlikely to happen unless the user makes a mistake.
Protect your Apple device from PACMAN and other threats
Apple devices are notoriously easy to use.This extends to the security of the entire ecosystem, but it's worth taking steps to keep your computer or tablet safe.
Update your operating system and software
New software vulnerabilities are constantly being discovered, and companies like Apple regularly release operating system and software updates to maintain control over them.This only works when installing updates for Apple devices.
Use the App Store
MacBooks, iPads, and iMacs all come with the Apple App Store.The company has a series of safety and quality standards that software must meet before it goes into stores.This creates a safe environment for users to find the software they want to use.Avoiding external software sources is an easy way to keep your Apple device safe.
Create regular backups
This will not make your device immune to PACMAN or other cyber threats, but it will allow you to quickly restore your machine to normal once it is compromised.
Unpatchable Vulnerability in Apple's M1 Chip
Any hardware bug should be taken seriously, especially a component as common as Apple's M1 SoC.Apple, ARM, MIT, and other groups are working to study the PACMAN flaw to ensure it doesn't pose a major security problem in the future.
You'll be able to learn more about MIT's findings at the International Symposium on Computer Architecture on June 6.
Copyright Notice:The article only represents the author's point of view, the copyright belongs to the original author, welcome to share this article, please keep the source for reprinting!