Security researchers have discovered new safety failures that affect Apple devices with M2 or A15 chips and from now on. . Vulnerabilities, folded Slap and flop and first reported by Bleeping computerI could allow attackers to read information on the open web tabs of a user. Depending on the eyelashes that you have opened, this could put data such as passwords and bank information at risk.
This is not a software problem, but rather a hardware defect that affects CPU and leaves them vulnerable to lateral channel attacks. This type of exploit measures the activity of the CPU and uses factors such as energy consumption, time and sound to infer information about user behavior. He Specter and Meltdown The 2018 defects worked similarly.
It is quite complicated, but the important part is that it makes it possible for the attackers to have their hands in confidential information even when it is correctly protected by the software that its PC is executing. The cause of these weaknesses is not purely an Apple problem, it is a performance optimization used in most modern CPUs.
Computer programs are only a long series of instructions that the CPU executes, but because there are many different results to cover, these instructions expand in all types of different branches. “If A then x, if B, then do and” or “If a occurs, return to point X”, in a large program, millions of decisions like these happen to progress.
To accelerate things, now it is a standard practice to predict which route should take the CPU and start running instructions later. In this way, more work can be done at the same time, instead of all the instructions waiting for their turn in the right order.
This optimization is called speculative execution or prediction of branches, and because it is based on predictions, it is not always going well. It is when the predictions are counterproductive that we obtain these hardware vulnerabilities that attackers can take advantage of.
The complete names of the new defects are “data speculation attacks by predicting the load address in Apple Silicon (SLAP)” and “break the CPU Apple M3 through false loading predictions (flop)”. Both essentially cause the same problem, but although Slap is limited to the safari browser, Flop also works with Chrome.
Research demonstrates with demonstrations that attacks based on these defects are possible, but there is no evidence that cybercriminals use them at this time. The researchers shared their findings with Apple last year and said the company He replied, stating that he plans to address the problems. However, months have passed and since the documents have been published, Apple’s only official comment (A Bleepingcomputer) is this:
“ According to our analysis, we do not believe that this problem poses an immediate risk for our users. ”
Although these attacks do not involve malwareThey still begin with a visit to a malicious website. As always, the best way to protect until we receive security updates is to be careful with suspected links and URLs while sailing.
