Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Status
Not open for further replies.

seek3r

macrumors 68030
Original poster
Aug 16, 2010
2,559
3,769
Ars is reporting that there's a major silicon level vuln on AS Macs that allows a side channel attack to grab encryption keys and other cryptographic/decrypted data. Looks pretty bad :/

https://arstechnica.com/security/20...secret-encryption-keys-from-apples-mac-chips/

The flaw -- a side channel allowing end-to-end key extractions when Apple chips run implementations of widely used cryptographic protocols -- can't be patched directly because it stems from the microarchitectural design of the silicon itself. Instead, it can only be mitigated by building defenses into third-party cryptographic software that could drastically degrade M-series performance when executing cryptographic operations, particularly on the earlier M1 and M2 generations. The vulnerability can be exploited when the targeted cryptographic operation and the malicious application with normal user system privileges run on the same CPU cluster.
 

August West

macrumors 6502
Aug 23, 2009
371
435
Land of Enchantment
How big a of threat is this to a normal user? I just started using Apple Passwords and think I may delete them and disable it. Trying to figure out if I can disable Apple Keychain too without breaking everything. 3rd party password manager is getting deleted too.
 

seek3r

macrumors 68030
Original poster
Aug 16, 2010
2,559
3,769
How big a of threat is this to a normal user? I just started using Apple Passwords and think I may delete them and disable it. Trying to figure out if I can disable Apple Keychain too without breaking everything. 3rd party password manager is getting deleted too.
It’s not known to be exploited in the wild, and Apple will likely mitigate it in the OS, I’m not super panicked. It may cause some slowdowns on some ops though to mitigate

If it turns out Apple cant mitigate it *then* I’ll be more worried
 
Last edited:

Analog Kid

macrumors G3
Mar 4, 2003
9,360
12,603
How big a of threat is this to a normal user? I just started using Apple Passwords and think I may delete them and disable it. Trying to figure out if I can disable Apple Keychain too without breaking everything. 3rd party password manager is getting deleted too.
I don't think this is specific to Apple Keychain, I think this is much lower level than that.

The good news is that you don't need to disable the Apple Keychain. The bad news is that you don't need to disable it because all cryptographic operations are compromised regardless of source.
 
  • Like
Reactions: seek3r and chown33

leman

macrumors Core
Oct 14, 2008
19,516
19,664
How big a of threat is this to a normal user? I just started using Apple Passwords and think I may delete them and disable it. Trying to figure out if I can disable Apple Keychain too without breaking everything. 3rd party password manager is getting deleted too.

Probably close to zero. Like most of the attacks of this type it is only possible under very specific circumstances, which are rather unlikely to occur in real world operation. I mean, in order to mitigate this risk it would be sufficient if the OS moves threads between CPU clusters every few minutes. And only some very specific implementations and algorithms are vulnerable. For example anything relying on Apple's Secure Enclave will not be affected as cryptography is not done on the CPU cores.

Also, iCloud Keychain is the least secure thing Apple provides… I would look for alternatives…

Could you provide a bit more context on this?
 

Weaselboy

Moderator
Staff member
Jan 23, 2005
34,477
16,187
California
Moderator Note:

Please continue the discussion in the news thread:

 
Status
Not open for further replies.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.