Apple, which came to the fore with the M2 processor introduced recently and M1 Ultra chips that offer faster and stronger performance a few months ago, this time with a news questioning the security of the M1 chips, which it launched with superior security measures.
When Apple designed the M1 chip, it equipped it with several layers of security designed to prevent attackers from infiltrating the next layer. However, a so-called PACMAN M1 chip attack created by MIT security researchers managed to infiltrate what Apple describes as the last line of security.
Apple security feature destroyed
A major and irreversible hardware fault has been discovered in what is known as the last layer of the Apple M1 chip’s security layers. The vulnerability was a security mechanism called beacon authentication codes, or PAC, ensuring the security of the M1 chips. This mechanism or layer prevents an attacker from infiltrating your device’s memory, inserting malicious code.
Researchers from MIT’s Computer Science and Artificial Intelligence Lab have created a new hardware attack that combines speculative execution attacks with memory corruption to circumvent the security feature. The attack revealed that beacon authentication can be defeated without a trace and no software update can fix it because it uses a hardware mechanism.
The research team stated that the main idea in establishing beacon authentication is the most reliable layer to prevent attackers from taking control of your system, even if all layers of security are breached. However, the beacon authentication or PAC layer, which is used as the last line of defense, turned out to be not very reliable.
Apple explained that the problem is not so big
MIT has announced that Apple’s M2 chip with PAC layer has not been hacked yet, but it can be done in a short time. He also explained in a research paper by MIT that if not prevented, his attacks could affect most mobile devices, and possibly even desktop computers in the next few years.
The researchers, who presented their findings to Apple, also stated that the Pacman attack was not something that could defeat all the security measures in the M1 chip and could only be caused by an error in the pointer authentication. After the news broke, Apple spokesperson Scott Radcliffe said in a statement, “We would like to thank the researchers for their collaboration for enabling us to develop these techniques with this proof of concept. Based on our analysis and the details shared with us by the researchers, it is clear that this issue does not pose a crisis-ridden risk to our users and that on its own We concluded that it was insufficient to bypass operating system security protections.” said.
Even if Apple states that it is not a risky situation, we advise you to be careful when installing unfamiliar software and clicking on e-mails.
19110
