Skip to main content

M1 security vulnerability ‘baked into chip,’ but researcher says it doesn’t matter

An M1 security vulnerability has been discovered that likely cannot be mitigated by Apple, but the researcher who found it says it’s not something we need to worry about …

Here’s Hector Martin’s description of it:

A flaw in the design of the Apple Silicon “M1” chip allows any two applications running under an OS to covertly exchange data between them, without using memory, sockets, files, or any other normal operating system features. This works between processes running as different users and under different privilege levels, creating a covert channel for surreptitious data exchange.

The vulnerability is baked into Apple Silicon chips, and cannot be fixed without a new silicon revision.

He also posted an amusing video proof of concept (below).

However, it’s unlikely to be anything any M1 Mac owner need be concerned about. Martin said that the worst-case scenario here would be that ad companies might try to exploit this kind of flaw for cross-app tracking.

Indeed, the security researcher went as far as putting a prominent link at the top of the webpage that links to the section of the FAQ telling people not to worry. It makes for fun reading!

Can malware use this vulnerability to take over my computer?
No.

Can malware use this vulnerability to steal my private information?
No.

Can malware use this vulnerability to rickroll me?
Yes. I mean, it could also rickroll you without using it.

Can this be exploited from Javascript on a website?
No.

Can this be exploited from Java apps?
Wait, people still use Java?

Can this be exploited from Flash applets?
Please stop.

Can I catch BadBIOS from this vulnerability?
No.

Wait, is this even real?
It is.

So what’s the real danger?
If you already have malware on your computer, that malware can communicate with other malware on your computer in an unexpected way. Chances are it could communicate in plenty of expected ways anyway.

That doesn’t sound too bad.
Honestly, I would expect advertising companies to try to abuse this kind of thing for cross-app tracking, more than criminals. Apple could catch them if they tried, though, for App Store apps. Wait. Oh no. Some game developer somewhere is going to try to use this as a synchronization primitive, aren’t they. Please don’t. The world has enough cursed code already. Don’t do it. Stop it. Noooooooooooooooo […]

So what’s the point of this website?
Poking fun at how ridiculous infosec clickbait vulnerability reporting has become lately. Just because it has a flashy website or it makes the news doesn’t mean you need to care. If you’ve read all the way to here, congratulations! You’re one of the rare people who doesn’t just retweet based on the page title :-)

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Ben Lovejoy Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!


Ben Lovejoy's favorite gear

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications