Close Menu
    Facebook X (Twitter) Instagram
    Trending
    • Park City & Deer Valley will continue to return to it
    • High Country, High Summer: The best adults adults in Park City, Utah
    • Deer Valley Utah Readies for the largest ski expansion in history
    • Cedar Park is among the top 25 American cities thanks to the gardens and public vision
    • After 45 years of hope marathon, this northern town inspires a new generation of Voyageers
    • Romantic escape to the Bay of Thunder: a three -day haven for adventurous couples
    • Adventure things to do in Laureto, Mexico
    • Costa Rica retreated: Paradise of wellness in Central America
    Facebook X (Twitter) Instagram
    ZEMS BLOG
    • Home
    • Sports
    • Reel
    • Worklife
    • Travel
    • Future
    • Culture
    • Politics
    • Weather
    • Financial Market
    • Crypto
    ZEMS BLOG
    Home » The reported flaw exposes Mac users' private encryption keys
    Crypto

    The reported flaw exposes Mac users' private encryption keys

    ZEMS BLOGBy ZEMS BLOGMarch 23, 2024No Comments2 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr Email
    Share
    Facebook Twitter LinkedIn Pinterest Email

    A recent study has raised alarm after identifying a vulnerability in Apple's M-series chips that has the potential to enable hackers to retrieve Mac users' private encryption keys.

    In the absence of a direct solution, the other method proposed by the researchers may significantly hinder performance.

    Apple M-Series chips are vulnerable to key mining

    The vulnerability in question acts as a side channel, allowing end-to-end key extraction when Apple chips implement implementations of commonly used cryptographic protocols. Due to its origin in the silicon microarchitecture, direct patching is not possible, unlike traditional vulnerabilities.

    Instead, the report highlighted a fix that relies on integrating defenses into third-party encryption software. However, this approach may significantly “degrade” the performance of M-series chips during encryption tasks, which is especially evident in previous generations such as the M1 and M2.

    The researchers also added that exploitation of the vulnerability occurs when both the targeted cryptographic process and the malicious application, running with standard user system privileges, are processed on the same CPU block.

    “Our key insight is that while DMP merely dereferences pointers, an attacker can craft program inputs such that when those inputs are mixed with cryptographic secrets, the resulting intermediate state can be engineered to look like a pointer if and only if the secret satisfies the attacker's chosen predicate.”

    Recent research highlights what is described as an overlooked phenomenon regarding DMPs within Apple silicon. In some cases, DMPs misinterpret memory content, including critical background material, as a pointer value used to load other data. As a result, the DMP repeatedly accesses this data and interprets it as an address, resulting in memory access attempts, the research team explained.

    This process, known as “dereferencing” pointers, entails reading data and inadvertently leaking it through a side channel, which is a clear violation of the constant-time model.

    Go fetch

    Researchers identified this hack as a “GoFetch” exploit while explaining that it runs under the same user privileges as most third-party apps, and exploits vulnerabilities in M-series chipsets. It affects both classical and quantum-resistant encryption algorithms, with extraction times varying from minutes to hours depending on the key size.

    Despite previous knowledge of similar threats, researchers said GoFetch exhibits more aggressive behavior in Apple chips, posing a significant security risk.

    Source link

    ZEMS BLOG
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleHow Celebrities React to Kate Middleton's Cancer News
    Next Article Instagram Outage and Legal Troubles: Double Meta Challenges
    ZEMS BLOG
    • Website

    Related Posts

    A security engineer was imprisoned for 3 years for hacking cryptocurrencies worth $12 million

    April 12, 2024

    6 Common Risks in Self-Directed IRAs and Bitcoin Checkbooks

    April 12, 2024

    Asset tokenization, artificial intelligence attracts focus from IOSCO Fintech team

    April 12, 2024
    Leave A Reply Cancel Reply

    Park City & Deer Valley will continue to return to it

    August 26, 2025

    High Country, High Summer: The best adults adults in Park City, Utah

    August 26, 2025

    Deer Valley Utah Readies for the largest ski expansion in history

    August 23, 2025

    Cedar Park is among the top 25 American cities thanks to the gardens and public vision

    August 22, 2025
    Recent Posts
    • Park City & Deer Valley will continue to return to it
    • High Country, High Summer: The best adults adults in Park City, Utah
    • Deer Valley Utah Readies for the largest ski expansion in history
    • Cedar Park is among the top 25 American cities thanks to the gardens and public vision
    • After 45 years of hope marathon, this northern town inspires a new generation of Voyageers
    About

    ZEMS BLOG in partnership with Holiday Omega keeps you informed. Bringing you the latest news from around the world with fresh perspectives and unique insights. Your daily source for news from around the world. All perspectives, all curated for a global audience.

    Facebook X (Twitter) Instagram YouTube Telegram
    • About Us
    • Contact Us
    • Privacy Policy
    • Disclaimer
    Subscribe For latest updates

    Type above and press Enter to search. Press Esc to cancel.