• Uncategorised

The M1 has a big security loophole, and Apple can’t patch

Researchers at MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) have discovered a new security vulnerability that targets Apple’s popular M1 processor. The attack, dubbed PACMAN, is capable of bypassing the last line of defense against software bugs on the M1 and potentially other ARM-based processors. PACMAN attacks pointer authentication, which is the final stop for most software vulnerabilities.

Pointer authentication confirms that a program hasn’t been changed in any malicious way, serving as a “safety net … in the worst case scenario,” as MIT PhD student Joseph Ravichandran put it. MIT’s researchers developed PACMAN as a way to guess the pointer authentication signature, bypassing this critical security mechanism. Researchers say PACMAN exploits a hardware mechanism, so a software patch won’t be able to fix it.

The attack works by running all possible pointer authentication values through a hardware side channel, which reveals if the guess was correct or not.

This all happens under speculative execution — basically running a computing task that’s not required at the time — which means there isn’t any trace left by PACMAN. “The idea behind pointer authentication is that if all else has failed, you still can rely on it to prevent attackers from gaining control of your system,” Ravichandran, who co-wrote the PACMAN report, said. “We’ve shown that pointer authentication as a last line of defense isn’t as absolute as we once thought it was.”

Not a worry, for now

Although PACMAN is frightening for the M1 and other ARM-based systems that use pointer authentication, MIT researchers say there isn’t a reason to be worried now. PACMAN simply allows software bugs that would be blocked by pointer authentication through.

In short, a software vulnerability must exist first for PACMAN to do anything. For its part, Apple is usually quick to respond to vulnerabilities. Apple paid a student £100,000 for discovering a webcam hack on Macs earlier this year, for example, and a MacOS Monterey update in March fixed two major security flaws facing Macs.

MIT says the PACMAN attack is focused more on the processors of the future.

The M1 has a big security loophole, and Apple can't patchAntonio Masiello/Getty Images

Ravichandran told Digital Trends in an interview that it only targeted the M1, informing Apple of the issue in 2021. He says “the concerning question is not whether the current ARM processors are vulnerable, but whether future ARM processors are also vulnerable.” We reached out to ARM, which says it’s aware of the vulnerability and plans to publish an update on the ARM Security Center Developer site once its investigation is over. We also reached out to Apple, which provided the following statement: “We want to thank the researchers for their collaboration as this proof of concept advances our understanding of these techniques.

Based on our analysis as well as the details shared with us by the researchers, we have concluded this issue does not pose an immediate risk to our users and is insufficient to bypass operating system security protections on its own.” Although PACMAN doesn’t pose an immediate threat to the M1, MIT’s findings don’t come at an opportune time. Apple just unveiled the M2 processor, which likely uses pointer authentication as well.

Ravichandran offers some advice for issues that could arise out of PACMAN with future chips: “Developers should take care to not solely rely on pointer authentication to protect their software.” Apple doesn’t seem too concerned, and neither do MIT’s researchers. Ravichandran says that, although pointer authentication is “used all over the place in PAC-enabled binaries (such as the macOS kernel),” it only works “as a last step in exploitation, when everything except for pointer authentication has been bypassed.”

That doesn’t mean PACMAN is harmless, though. Ravichandran warned that “using PACMAN to bypass pointer authentication opens the door to arbitrary code execution, which would give the attacker complete control of a device.” Researchers also suspect that future ARM processors with pointer authentication could be vulnerable, too. This isn’t the first vulnerability the M1 has faced.

Researchers spotted a hardware-based security vulnerability in the M1 in May, but it wasn’t considered a major problem and hasn’t caused widespread issues. MIT researchers will present their full findings on June 18 at the International Symposium on Computer Architecture.

How you can protect yourself

PACMAN doesn’t pose an immediate threat, so there’s nothing you need to do now to protect yourself. Because PACMAN only works if software bugs exist, it’s important to keep MacOS and your software up to date.

Make sure to read our guide on how to update your Mac and frequently check for software updates for the apps installed on your computer.

Ravichandran echoed that advice: “Keep your software up to date!”

Editors’ Recommendations

Tags:

asos listed on couponmatrix.ukblue-vanilla listed on couponmatrix.ukbrook-taverner listed on couponmatrix.ukcookhouse-and-pub listed on couponmatrix.ukpandora listed on couponmatrix.uk365games listed on couponmatrix.uk
asos listed on couponmatrix.ukASOS needs no introduction—if you love online shopping, chances are you’re already an ASOS regular. Stocking loads of top brands, including Topshop, Nike and Calvin Klein, ASOS brings all your fave styles under one (virtual) roof. ASOS is known for its stellar sales, student discounts and free delivery deals, making it easy to stay stylish on a budget. Make the most of an ASOS discount code from Groupon to save on your next ASOS haul.
blue-vanilla listed on couponmatrix.ukBlue Vanilla is a fashion brand that offers beautiful and stylish clothing for women. Their clothes are perfect for any occasion, whether you're looking for something to wear to work or to a special event. With a Blue Vanilla discount code, you can save money on your next purchase. So whether you're looking for a new dress, pants, or top, be sure to check out Blue Vanilla's collection. At Groupon, we work hard to find the best deals and discounts for our customers. We know that everyone loves a good deal, which is why we're always on the lookout for the latest and greatest Blue Vanilla discount codes. Whether you're looking for a percentage off your purchase or a free shipping code, we'll do our best to find it for you. So be sure to check back often and take advantage of the savings! If you're looking for a new dress, be sure to check out Blue Vanilla's collection. With a wide variety of styles and colours to choose from, you're sure to find the perfect dress for any occasion. And with a Blue Vanilla voucher code, you can save even more money on your purchase. So whether you're looking for a casual dress or something more formal, be sure to browse Blue Vanilla's selection. You won't be disappointed!
brook-taverner listed on couponmatrix.ukHow do you use a Brook Taverner discount code? You’ll be instructed to enter a code once you are on the transaction page. There will be a clearly shown area to enter the code. Remember to enter the promo code before you complete the transaction, as it may not be possible to apply the code afterwards.
cookhouse-and-pub listed on couponmatrix.ukDine, drink and enjoy many an evening at your local Cookhouse & Pub, the family-friendly tavern that puts that little extra into every order. Keeping customers fed and merry from morning to night, any visitor will find themselves satisfied whilst saving with any of our phenomenal Cookhouse vouchers. So the next time Friday night rolls along and it’s time for a round with colleagues or an evening meal with the folks, check in at your nearest Cookhouse & Pub.
pandora listed on couponmatrix.ukAiming to add a little sparkle to every lady’s outfit, Pandora has climbed to the top of the jewellery store ladder through a combination of alluring designs, collectable charms and inexpensive prices. Whether you’re a fan of classic, modern or even Disney-themed finery, a Pandora discount code is all you’ll need to knock your favourite jewellery down to an unbeatable price. With hundreds of unique charms, dazzling rings, beautiful necklaces and eye-catching earrings to pick from, personal preference truly takes many different forms at Pandora.
365games listed on couponmatrix.ukIf you love gaming, you’ll love 365games. As well as all the latest releases for Playstation, Xbox, Nintendo and PC, 365games stocks an awesome range of board and card games, collectable merch, clothing, vinyl and box sets, too. Make the most of a 365 games discount code to save on your next haul - whether you’re after a classic Mario Kart game or want to dress like a diehard Marvel fan, you’ll find the perfect pick; or find an awesome gift for a geeky pal that doesn’t break the bank.