A recently published paper describes a flaw primarily affecting Apple Silicon that allows attackers to circumvent end-to-end encryption through a side-channel attack on the company’s devices. Anyone.
In brief: Hardware-based security flaws have become more frequent over the last several years but have mostly affected Intel and AMD processors. Now, Apple joins those ranks with a recently discovered vulnerability that causes Mac M-series CPUs to expose encryption keys. Since it is hardware-based, there is little users can do besides keeping macOS updated.
A recently published paper describes a flaw primarily affecting Apple Silicon that allows attackers to circumvent end-to-end encryption through a side-channel attack on the company’s devices. Anyone developing encryption software for Macs likely needs to rethink their security procedures.
The security analysts confirmed the exploit, dubbed GoFetch, works on M1 CPUs and speculate that it likely also impacts M2 and M3 chips and their Pro and Max variants.
