: Indian-origin researcher discovers new hardware bug in Apple M1 chip #IndiaNEWS #News San Francisco: Researchers at the Massachusetts Institute of Technology (MIT), including Indian-origin Joseph

@IndiaNEWS

Posted in: #IndiaNEWS

Indian-origin researcher discovers new hardware bug in Apple M1 chip #IndiaNEWS #News
San Francisco: Researchers at the Massachusetts Institute of Technology (MIT), including Indian-origin Joseph Ravichandran, have identified a new hardware vulnerability in Apples in-house silicon M1 chip that powers Macs.
The threat, dubbed PACMAN by PhD student Ravichandran, enables attackers to stop the M1 chip from detecting software bug attacks.
The M1 chip uses a feature called Pointer Authentication, which acts as a last line of defence against typical software vulnerabilities.
With Pointer Authentication enabled, bugs that normally could compromise a system or leak private information are stopped dead in their tracks.
Researchers from MITs Computer Science and Artificial Intelligence Laboratory found a crack as their novel hardware attack, called PACMAN showed that Pointer Authentication can be defeated without even leaving a trace.
Moreover, PACMAN utilises a hardware mechanism, so no software patch can ever fix it.
The idea behind Pointer Authentication is that if all else has failed, you still can rely on it to prevent attackers from gaining control of your system. Weve shown that pointer authentication as a last line of defence isnt as absolute as we once thought it was, said Ravichandran, co-lead author of the MIT paper.

When pointer authentication was introduced, a whole category of bugs suddenly became a lot harder to use for attacks. With PACMAN making these bugs more serious, the overall attack surface could be a lot larger, he added.
Pointer authentication is primarily used to protect the core operating system kernel, the most privileged part of the system.
An attacker who gains control of the kernel can do whatever theyd like on a device.
The team showed that the PACMAN attack even works against the kernel, which has massive implications for future security work on all ARM systems with pointer authentication enabled.
Future CPU designers should take care to consider this attack when building the secure systems of tomorrow, Ravichandran said in the paper that was published late on Friday.
Developers should take care to not solely rely on pointer authentication to protect their software, he added.
Apple has implemented pointer authentication on all of its custom ARM-based silicon so far, including the M1, M1 Pro and M1 Max.
If not mitigated, our attack will affect the majority of mobile devices, and likely even desktop devices in the coming years, MIT said in the research paper.
An Apple spokesperson told TechCrunch that the company wants to thank the researchers for their collaboration as this proof of concept advances our understanding of these techniques.
Based on our analysis as well as the details shared with us by the researchers, we have concluded this issue does not pose an immediate risk to our users and is insufficient to bypass operating system security protections on its own, the companys spokesperson added.

Intraday stocks under 50 NSE India Twitter of India

Vote Up Vote Down

Login to post a comment!