It’s Not Unpatchable, But The Performance Impact Would Be Massive
Proud owners of M1, M2 or M3 based Apple devices are not having a good day. The newly revealed GoFetch attack is worrying enough to ruin a perfectly good Friday, as it allows attackers to steal secret cryptographic keys from your system. To make things even worse, the vulnerability doesn’t require root access to leverage; all it needs is the same level of access any third party app has to be able to start stealing keys. The time it takes is not encouraging either: for instance, it takes less than an hour to extract a 2048-bit RSA key and a little over two hours to extract a 2048-bit Diffie-Hellman key.
The vulnerability comes from Apple’s decision to not follow standard practice when designing the data memory-dependent prefetchers in their M series of chips. GoFetch has been described as unpatchable, which is true for the M1 and M2 but not the M3. There are ways to mitigate the vulnerability; however, much like with Spectre and the like, which Intel and AMD processors are vulnerable to, patching will have a seriously negative effect on performance. The articles at Bleeping Computer and Ars Technica don’t specify just how large that impact will be on the M3’s performance, likely because it hasn’t been fully tested yet, but it will likely be very large.
Keep an eye out for more news, and be very careful what apps you install on your new Mac.
However, as this is a hardware-based vulnerability, there is no way to fix it in impacted CPUs. While it would be possible to mitigate the flaws using software fixes, this would cause a performance hit on these CPUs' cryptographic functions.
More Tech News From Around The Web
- Hackers can unlock over 3 million hotel doors in seconds @ Ars Technica
- Truck-to-truck worm could infect – and disrupt – entire US commercial fleet @ The Register
- Windows Notepad’s midlife renaissance continues with spellcheck and autocorrect @ Ars Technica
- Microsoft’s first AI PCs Surface with Intel cores and a Copilot key @ The Register
- Garlic chicken without garlic? Critics think Amazon recipe book was cooked up by AI @ The Register
- Vernor Vinge, Father of the Tech Singularity, Has Died At Age 79 @ Slashdot
- Switch emulator Suyu hit by GitLab DMCA, project lives on through self-hosting @ Ars Technica
- 8x NVIDIA Grace Hopper Superchips in a Blade HPE Cray EX254n at GTC 2024 @ Serve The Home
- MSI GUAXE54 AXE5400 Wi-Fi 6E USB Adapter @ TweakTown
- ALLPOWERS S1500 Portable Power Station & SP033 Solar Panel Bundle Review @ NikKTech
Click bait over nothing. https://developer.apple.com/documentation/xcode/writing-arm64-code-for-apple-platforms#Enable-DIT-for-constant-time-cryptographic-operations
Amazing comment, I was worried for nothing
Well it's out of the box now, so it now depends on what the bad guys do with it. Intel had to address the potential even though it was also considered a low risk impact. My complaint is that Apple chose to handle this in a way that ignored the past with Spectre and Meltdown. It basically has repeated the same mistakes for the sake of performance. The risk might be low but it could be combined with other types of attacks as well. Bad guys are clever, taking one weakness and combining it with another. Then you have the weakness of the end user. One who has been convinced by Apple that no harm can come to them. You also have a bigger footprint in the world and a common design thread with iPhones and iPads. So nobody has tested this on those devices. Clearly has a problem and a need to address it in order to have it not affect the trust of the end user.