News:

Willkommen im Notebookcheck.com Forum! Hier können sie über alle unsere Artikel und allgemein über Notebook relevante Dinge disuktieren. Viel Spass!

Main Menu

Apple’s M1 chip has an unfixable security flaw baked into the silicon

Started by Redaktion, May 29, 2021, 13:26:05

Previous topic - Next topic

Redaktion

A software developer has uncovered a security flaw in Apple's vaunted M1 SoC. The only fix for the issue would be for Apple to redesign the chip although the chances of the vulnerability being exploited maliciously are low.

https://www.notebookcheck.net/Apple-s-M1-chip-has-an-unfixable-security-flaw-baked-into-the-silicon.541583.0.html


DF

haha - "invented by Apple" even!

I guess they're learning that this cpu building business isn't as simple as it appears.

Daniel Ridenhour

I wonder if its a 'discovered'... 'undocumented feature'...   at least on the iPad interapp communcation is something heavy hitters like Microsoft Office and the Affinity suite of tools among others could benefit from.

Ariliquin

9to5mac report:

Can malware use this vulnerability to take over my computer?
No.

Can malware use this vulnerability to steal my private information?
No.

Can malware use this vulnerability to rickroll me?
Yes. I mean, it could also rickroll you without using it.

Can this be exploited from Javascript on a website?
No.

Can this be exploited from Java apps?
Wait, people still use Java?

Can this be exploited from Flash applets?
Please stop.

Can I catch BadBIOS from this vulnerability?
No.

Wait, is this even real?
It is.

So what's the real danger?
If you already have malware on your computer, that malware can communicate with other malware on your computer in an unexpected way. Chances are it could communicate in plenty of expected ways anyway.

That doesn't sound too bad.
Honestly, I would expect advertising companies to try to abuse this kind of thing for cross-app tracking, more than criminals. Apple could catch them if they tried, though, for App Store apps. Wait. Oh no. Some game developer somewhere is going to try to use this as a synchronization primitive, aren't they. Please don't. The world has enough cursed code already. Don't do it. Stop it. Noooooooooooooooo [...]

So what's the point of this website?
Poking fun at how ridiculous infosec clickbait vulnerability reporting has become lately. Just because it has a flashy website or it makes the news doesn't mean you need to care. If you've read all the way to here, congratulations! You're one of the rare people who doesn't just retweet based on the page title :-)

Hector

Man you're so involved in the apple marketing narrative about privacy that your brain immediately believed that this vulnerability could be used by marketing companies for tracking. That's really not the main concern, nor has it ever been really. They can still use files on disk, secret login mechanisms, IP address, phone data, etc etc. Depends only on how they present it to you, but it can be done easily.

On the other hand, if apple presents it as an annoying popup screen with lots of text and a big blue "stop" button on each app launch, you're more likely to click that button and just move on (even without reading). So don't believe everything that apple says, they're the best marketing company in the world after all.

k.h.

This article covers a hoax.
The author has not taken the effort to investigate fully.

https - //m1racles.com

read down to: So what's the point of this website?

pr_ce

are they lowering the price of the new imac 24'' and others due to the m1 chip flaw??

Quick Reply

Warning: this topic has not been posted in for at least 120 days.
Unless you're sure you want to reply, please consider starting a new topic.

Name:
Email:
Verification:
Please leave this box empty:

Shortcuts: ALT+S post or ALT+P preview