Apple
MIT researchers say security flaw in Apple’s M1 chip can’t be fixed
Apple has yet to comment on the situation, and it’s unclear how the issue will ultimately be resolved.
Just a heads up, if you buy something through our links, we may get a small share of the sale. It’s one of the ways we keep the lights on here. Click here for more.
If you’re cruising along on a device with an Apple M1 chip, you may want to exercise caution. Researchers at MIT have uncovered a seemingly unpatchable hardware vulnerability that could open your devices up to bad actors.
According to researchers, Apple M1 chips are vulnerable due to a security feature called pointer authentication codes (PAC).
This security feature protects the CPU against any attackers that may have somehow gained access to the memory and beyond. The “pointers” store memory addresses. PAC searches for pointer changes as a result of any attacks.
READ MORE: Google researcher goes on leave after claiming AI is sentient
But while this isn’t something that can easily be patched out, there does seem to be a way to resolve it, at least somewhat. MIT CSAIL researchers discovered that a special hardware attack can bypass the PAC check failsafe.
The cleverly-named “PACMAN” attack can simply seek out the correct value that can let hackers bypass the pointer authentication. The result? The attack still commences.
MIT CSAIL notes that this could grow into a much larger issue. Attacks can be performed remotely, which makes it an even bigger problem. And since it’s a vulnerability that exploits hardware, pushing a software patch will do nothing.
Perhaps the worst part is that Arm processors with pointer authentication are all at risk — so this goes beyond being just an M1 issue.
Apple recently announced the M2 chip during its most recent WWDC keynote. It’s unclear whether the M2 has been tested to feature this same flaw.
Apple has yet to comment on the situation, and it’s unclear how the issue will ultimately be resolved. We’ll be keeping an eye out on where things go from here.
Have any thoughts on this? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.
Editors’ Recommendations:
- Apple’s $599 iPad Air features a speedy M1 chip, 5G, and an improved camera
- Chrome is now the fastest web browser for M1 Macs
- If you just got a new M1 Mac, make sure you’re using the right version of Google Chrome
- Does the iPhone 13 use Apple’s M1 chip?