Apple For Security?  PACMAN Targets The New M1 Chip

Apple For Safety? PACMAN Targets The New M1 Chip

Posted on


PACMAN Can Bypass The M1’s Pointer Authentication

You’ve seen the commercials and heard it from any Apple followers you would possibly know; Apple is for safety and never susceptible to the viruses that take out PCs.  Whereas not fully unfaithful, the success of their PR campaigns have led individuals to overestimate simply how invulnerable that Apple product they buy truly is.  The most recent instance of that’s the {hardware} vulnerably PACMAN, which targets the brand new M1 chip from Apple, utterly bypassing some security measures on it.

The M1 makes use of pointer authentication, which ought to forestall an attacker from modifying reminiscence references with out being detected and cease something flagged by it from operating in any respect.  The assault itself is kind of worrying, as it will probably make guesses concerning the cryptographic hash worth of a Pointer Authentication Code with out crashing this system, as is meant.  Additionally it is quite efficient, with researchers taking 2.94 minutes to guess a correct worth for a 16-bit PAC and assemble a control-flow hijacking assault.  You’ll be able to dive deeper into the main points with this story at The Register.

We are able to hope that the Apple M2 chip additionally consists of mitigations for this, although that was not particularly talked about throughout Apple’s WWDC 2022 keynote speech.  They did counsel that the brand new eight-core M2 CPU will present 87% of an Intel’s 12-core Core i7-1260P peak efficiency, however will devour a mere quarter of the ability of the Alder Lake chip.   Apple additionally suggests it should present virtually twice the processing energy of the Core i7-1255U, and achieve this whereas matching the ability consumption of the Intel chip.  

You’ll find out extra about what Kevin Krewell and the reporter from The Register take into consideration this announcement right here.



Supply hyperlink

Leave a Reply

Your email address will not be published. Required fields are marked *