> M-chip security flaw
Encryption vulnerability in Apple and Intel chips
an “unpatchable” vulnerability, dubbed GoFetch, in Apple’s M-series chips.
The researchers say the problem cannot be patched directly because it is a fundamental design flaw in the micro-architecture of modern chips — including Intel’s 13th-generation Raptor Lake CPUs as well as Apple’s M-series family of processors. Such chips use data memory-dependent prefetchers (DMPs), which speed up operations by predicting the memory addresses that running code is likely to need next and pre-loading that data into the CPU cache. It turns out that in certain very specific circumstances, this can become a “side channel” revealing encryption keys (or parts of them) when the chips are running some widely used cryptographic protocols. Four such protocols are known to be vulnerable at this time, and more may be.
The DMP on Apple’s newer M3 chip has a special bit that developers can set to disable the feature, although it is not known what impact this will have on performance.
Even on M1- and M2-based systems, however, the risk is relatively low — it requires very specific conditions, and affects only specific cryptographic operations. Users who stick to software from trusted sources such as the App Store are unlikely to encounter malware designed to exploit the vulnerability.
Apple is also expected to act fast and release a fix, possibly by moving at-risk operations from the M-series chips’ so-called Firestorm cores, which have the GoFetch vulnerability, to their Icestorm cores, which do not. The latter are smaller and slower than the former, though, so performance may take a hit.
Meanwhile, users are advised to install apps only from trusted sources and apply any OS updates promptly to get the latest security patches.