• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.
  • The forums have been upgraded with support for dark mode. By default it will follow the setting on your system/browser. You may override it by scrolling to the end of the page and clicking the gears icon.

Apple M-Series CPUs Affected by "GoFetch" Unpatchable Cryptographic Vulnerability

"Goes into vault... I guess I have to update everything"
 
phints said:
Lol unpatchable wait what? Does Apple not have some kind of Microcode/AGESA type firmware they catch patch at the bios level like Intel/AMD?
Click to expand...
It's a silicon level flaw, not microcode level.
 
user556 said:
Right, so how can one achieve the mixing of data and memory access patterns?
Click to expand...
You are getting a bit complicated for a layman explanation, but it would mean combining a certain memory address with certain memory contents.

ROWHAMMER memory attacks are an example of such a thing.
 
This looks more like skipping security checks to gain performance like for example meltdown

Give them another 10 years and all those skipped security checks will require enough transistors to match x86 power efficiency

Oh and this bit is great:

As an Apple user, there is not much you can do other than practice safe computing habits....
...
The GoFetch attack does not require physical access for exploitation, so if the attacker can run code on the target machine, for example, via malware infection, it can be executed remotely.


This is the perfect backdoor lol. Thanks for the "privacy & security" section.
 
Last edited:
R-T-B said:
You are getting a bit complicated for a layman explanation, but it would mean combining a certain memory address with certain memory contents.
Click to expand...
C'mon, using an address as data is just more data.
 
Big "oof" moment, right as they're pushing M3 and it supposedly being faster than M1 and M2. I wonder if mitigations would also kill performance to be equal or worse to M1 or M2 without mitigations.

On the other end, if this makes some M2 products cheaper, I might just go for a larger M2 tablet, just to play the 2 iPad exclusive games I'm playing on a smaller refurbished M1, as well as being a bigger e-reader (which I also use the tiny M1 for).
 
Given the likely performance hit, I'm guessing Apple won't worry about mitigating it via software because the vulnerability can't be remotely exploited by itself anyway. An attack would first need a way to be executed as native code locally on the target machine.
 
user556 said:
C'mon, using an address as data is just more data.
Click to expand...
That's not how addressing works. An address is a particular place, not more data. In the example of a rowhammer attack, that is on the edge of a row boundary in memory, combined with a repeated write operation of a "1" pattern which can induce a bitflip.

I'm more fuzzy on the details here.
 
Fouquin said:
Forcing developers to upgrade is an industry wide thing. To be perfectly frank; developers don't upgrade enough. You should be developing in the environment you develop for. Not using a 2013 Thinkpad hackintosh'd running every back-channel workaround to make XCode work properly.
Click to expand...
No this was about current macbooks. And as I have said, it was about some instruction for the cryptographic signature it had nothing to do with "You should be developing in the environment you develop for". Which is idiotic in its own way, I clearly stated this was a requirement for submitting to the AppStore. If developers followed you advice, they'd be developing iOS apps on iPhones.
(Fwiw, I understand what you meant, you just didn't word that very well.)
 
Now watch Apple create a proprietary adapter with a chip in it for hardware mitigation.

And sell it at $299,-
 
Intel has had unpatchable CPUs in the past - CVE-2019-0090 and I'm sure more will come in the future. AMD's Tesla chip is unpatchable. Its unfortunate, but it happens. All these chip makers can do is fix it with an upcoming silicon. So good luck fellow hardware enthusiast, lets hope nothing we currently own reveals an unpatchable vulnerability. Practices safe surfing!
 
R-T-B said:
That's not how addressing works. An address is a particular place, not more data. In the example of a rowhammer attack, that is on the edge of a row boundary in memory, combined with a repeated write operation of a "1" pattern which can induce a bitflip.

I'm more fuzzy on the details here.
Click to expand...
Yep, but fiddling the order of addressing doesn't seem much like "mixing data and memory" to me.
 
user556 said:
Yep, but fiddling the order of addressing doesn't seem much like "mixing data and memory" to me.
Click to expand...
I mean it's somewhat awkward wording sure but it's what it means.
 
I have my doubts. It's just the flip of what I said earlier. Using data for making up addresses is likewise just more addresses. It stops being data.
 
Fouquin said:
Forcing developers to upgrade is an industry wide thing. To be perfectly frank; developers don't upgrade enough. You should be developing in the environment you develop for. Not using a 2013 Thinkpad hackintosh'd running every back-channel workaround to make XCode work properly.
Click to expand...

Developers DO upgrade more than common people.
I upgraded my 2011 iMac to latest linux 6.6.15 last month (along with gnome graphical env, on debian trixie).

However I CANNOT upgrade OSX because they stopped support for that iMac.
Even with OpenCore-Legacy-Patcher, it's barely usable, and feels so slow (and hot !) when compared to linux.
If there was a carbon tax, using linux would become mandatory :)
 
You must log in or register to reply here.
Back
Top