The vulnerability concerns a hardware security mechanism used in Apple M1 chips, called the Pointer Authentication Code, or PAC. This feature makes life much harder for attackers: it prevents malicious code from being injected into the device’s memory and provides protection against buffer overflow exploits.
Researchers at the Massachusetts Institute of Technology’s Computer Science and Artificial Intelligence Laboratory (MIT CSAIL) have created a new hardware attack to test the security of Apple’s chips. The attack showed that pointer authentication can be bypassed without leaving a trace, and because it exploits a hardware mechanism, no software patch can fix it.
The attack, dubbed Pacman, works by guessing the Pointer Authentication Code (PAC), a cryptographic signature confirming that the program has not been maliciously modified. This is done using speculative execution, a technique modern processors use to improve performance by guessing ahead along different lines of computation. Meanwhile, a hardware side channel reveals whether the guess was correct. Moreover, since there are not many possible PAC values, the researchers found that it is possible to try them all to find the right one.
As a proof of concept, the researchers demonstrated that the attack works even against the kernel, the software core of the device’s operating system. “This threatens to have serious implications for future security work on all ARM systems with benchmark authentication enabled,” said Joseph Ravichandran, a PhD student at MIT CSAIL and co-author of the study.
“If we do not try to correct the consequences, our attack will affect most mobile devices and probably even desktop devices in the coming years,” the Massachusetts Institute of Technology research paper says.
The researchers provided Apple with a report on their work. They have not yet received a response.