Close Menu
    Facebook X (Twitter) Instagram
    Trending
    • How to lift the hole in the wall trail near Port Alberani, BC
    • Nice giants and fast collapses: herb animals in Tanzania
    • 3 days in Santorini – the best things to see and do
    • Children’s animals in Tanzania: A video article from Tarangy, Nugurongoro, and Serinjiti
    • This professional traveler reveals how to tour the world without any remorse
    • Spring of 2025 external equipment and new books guide
    • The 18 best beaches in the world
    • River mares in Tanzania: Heavy weights in Africa
    Facebook X (Twitter) Instagram
    ZEMS BLOG
    • Home
    • Sports
    • Reel
    • Worklife
    • Travel
    • Future
    • Culture
    • Politics
    • Weather
    • Financial Market
    • Crypto
    ZEMS BLOG
    Home » The reported flaw exposes Mac users' private encryption keys
    Crypto

    The reported flaw exposes Mac users' private encryption keys

    ZEMS BLOGBy ZEMS BLOGMarch 23, 2024No Comments2 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr Email
    Share
    Facebook Twitter LinkedIn Pinterest Email

    A recent study has raised alarm after identifying a vulnerability in Apple's M-series chips that has the potential to enable hackers to retrieve Mac users' private encryption keys.

    In the absence of a direct solution, the other method proposed by the researchers may significantly hinder performance.

    Apple M-Series chips are vulnerable to key mining

    The vulnerability in question acts as a side channel, allowing end-to-end key extraction when Apple chips implement implementations of commonly used cryptographic protocols. Due to its origin in the silicon microarchitecture, direct patching is not possible, unlike traditional vulnerabilities.

    Instead, the report highlighted a fix that relies on integrating defenses into third-party encryption software. However, this approach may significantly “degrade” the performance of M-series chips during encryption tasks, which is especially evident in previous generations such as the M1 and M2.

    The researchers also added that exploitation of the vulnerability occurs when both the targeted cryptographic process and the malicious application, running with standard user system privileges, are processed on the same CPU block.

    “Our key insight is that while DMP merely dereferences pointers, an attacker can craft program inputs such that when those inputs are mixed with cryptographic secrets, the resulting intermediate state can be engineered to look like a pointer if and only if the secret satisfies the attacker's chosen predicate.”

    Recent research highlights what is described as an overlooked phenomenon regarding DMPs within Apple silicon. In some cases, DMPs misinterpret memory content, including critical background material, as a pointer value used to load other data. As a result, the DMP repeatedly accesses this data and interprets it as an address, resulting in memory access attempts, the research team explained.

    This process, known as “dereferencing” pointers, entails reading data and inadvertently leaking it through a side channel, which is a clear violation of the constant-time model.

    Go fetch

    Researchers identified this hack as a “GoFetch” exploit while explaining that it runs under the same user privileges as most third-party apps, and exploits vulnerabilities in M-series chipsets. It affects both classical and quantum-resistant encryption algorithms, with extraction times varying from minutes to hours depending on the key size.

    Despite previous knowledge of similar threats, researchers said GoFetch exhibits more aggressive behavior in Apple chips, posing a significant security risk.

    Source link

    ZEMS BLOG
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleHow Celebrities React to Kate Middleton's Cancer News
    Next Article Instagram Outage and Legal Troubles: Double Meta Challenges
    ZEMS BLOG
    • Website

    Related Posts

    A security engineer was imprisoned for 3 years for hacking cryptocurrencies worth $12 million

    April 12, 2024

    6 Common Risks in Self-Directed IRAs and Bitcoin Checkbooks

    April 12, 2024

    Asset tokenization, artificial intelligence attracts focus from IOSCO Fintech team

    April 12, 2024
    Leave A Reply Cancel Reply

    How to lift the hole in the wall trail near Port Alberani, BC

    June 26, 2025

    Nice giants and fast collapses: herb animals in Tanzania

    June 23, 2025

    3 days in Santorini – the best things to see and do

    June 22, 2025

    Children’s animals in Tanzania: A video article from Tarangy, Nugurongoro, and Serinjiti

    June 9, 2025
    Recent Posts
    • How to lift the hole in the wall trail near Port Alberani, BC
    • Nice giants and fast collapses: herb animals in Tanzania
    • 3 days in Santorini – the best things to see and do
    • Children’s animals in Tanzania: A video article from Tarangy, Nugurongoro, and Serinjiti
    • This professional traveler reveals how to tour the world without any remorse
    About

    ZEMS BLOG in partnership with Holiday Omega keeps you informed. Bringing you the latest news from around the world with fresh perspectives and unique insights. Your daily source for news from around the world. All perspectives, all curated for a global audience.

    Facebook X (Twitter) Instagram YouTube Telegram
    • About Us
    • Contact Us
    • Privacy Policy
    • Disclaimer
    Subscribe For latest updates

    Type above and press Enter to search. Press Esc to cancel.