The attack, called GoFetch, targets the hardware data prefetch (DPM) optimization feature. The researchers explained that DMP helps the processor guess what data it might need in the future. Experts said that hackers can fraudulently obtain certain information related to encryption.
The problem was discovered in Apple computers based on proprietary processors, which the corporation has been producing since the end of 2020 to the present day. Moreover, it is impossible to fix the vulnerability, since it is essentially part of the Apple Silicon architecture.
The described GoFetch attack can compromise keys used for various encryption protocols. To hack, the attacker needs to keep the infected application running on the target device for a certain period of time – from 1 to 10 hours.
Experts emphasized that developers can add additional security measures to their applications to reduce the risk of attack. However, these steps—for example, randomizing sensitive data—can lead to reduced system performance.
#unfixable #vulnerability #discovered #Apple #computers
2024-03-25 21:25:01