Reassuring statement from Apple!

TechnoPixel — 2 years ago

1 min reading time

Apple made a statement on the vulnerability discovered by MIT in the Pointer Authentication security feature on the M1 processor.

READING NOW Reassuring statement from Apple!

Apple introduced the Arm-based M1 chip, which was among the best laptop processors last year. In this way, it managed to go one step further in terms of both performance and power consumption. However, MIT researchers announced that the security feature called Pointer Authentication in the M1 chip can be bypassed thanks to the PACMAN virus.

Is the Pointer Authentication measure of M1 processors sufficient for PACMAN virus?

According to data revealed by MIT researchers, malicious people can exploit memory corruption vulnerabilities in software and weaknesses in microprocessor design to circumvent authentication codes. In the first place is the Pointer Authentication security feature of the M1 processor.

Potential vulnerabilities on the side of memory corruption are one that could allow malicious people to mess with the contents of the memory location and hijack a program’s execution function, with very dangerous consequences.

Arm, which carries out many studies on security measures for processors, uses an encryption method known as Pointer Authentication (Pointer Authentication) or PAC. Hackers who want to bypass this type of measure need to estimate the PAC value. But it should be noted that simple rough estimates will not work. Because the program crashes automatically when the wrong attempt is made.

The recently emerged PACMAN virus comes into play here. It can be used to distinguish between correct PAC and invalid attempts without causing any crashes. In other words, Pointer Authentication in the M1 processor can bypass the security measure in the system.

Apple’s statement is as follows:

Many chip manufacturers, including Qualcomm and Samsung, have released processors with Pointer Authentication. Some of them are expected to be released in the near future. It is true that if the risk is not mitigated, it could affect most mobile devices in the future, possibly even desktop devices. But for now, there is no vulnerability for users to worry about.

What do you think about this issue? Don’t forget to share your views with us in the comments!

Tags Pac Security

Comments

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Reassuring statement from Apple!

ASUS will hold two virtual launches as part of CES 2024

Intel Core i3-14100 and Core i5-14400 tested: Here are early results

End of an era: GeForce GTX 16 series is being discontinued

TSMC works on 1.4 nanometer processors!

Leave a Comment