Snynet Solution Logo
MON - SUN: 10 AM - 6 PM
+60 11 5624 8319


Apple M1 chips contain a security bug that is next to impossible to fix

Image Description

Apple's indigenously-developed Arm-based M1 chip suffers from a covert-channel vulnerability, unearthed by Linux developer Hector Martin.

Martin unearthed the vulnerability, dubbed M1RACLES, while working on the Asahi Linux project to port Linux to run on the Apple M1. 

Martin has created a website to share details about the vulnerability. But, while the executive summary of the bug makes this bug appear like it is a significant one, Martin clarifies that it doesn’t pose any threat at all.

TechRadar needs you!

We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.

>> Click here to start the survey in a new window<<

“Really, nobody's going to actually find a nefarious use for this flaw in practical circumstances….Covert channels can't leak data from uncooperative apps or systems,” explains Martin in a FAQ on the vulnerability.

Nuisance value

Martin explains that the vulnerability was the result of a conscious decision on Apple’s part who he argues decided to break the Arm spec by removing a mandatory feature, since they'd never need to use that feature for macOS.

Although there’s very little that can be achieved by exploiting this vulnerability, he says he flagged it because it violates the OS security model. 

“You're not supposed to be able to send data from one process to another secretly,” he reasons.

Martin says that Apple will have to make a change on the silicon level to the M1 to mitigate this flaw. He suggests that the bug can be mitigated in virtual machines (VM), since the register still responds to VM-related access controls, but again adds that users should worry about other prevalent security issues like malware, rather than the M1RACLES bug.

TechRadarPro has contacted Apple for comment.

Via The Register


27 May 2021



Other Blog

  • TikTok in serious trouble over data collection, again

    A legal claim against TikTok has been filed in the UK alleging the social network collects too much data on children.

    Read More
  • Amazon's fantastic Black Friday iPad Pro deals are back on the menu for a short time

    We thought Amazon's great iPad Pro (2020) deals had ended but they're back, baby, for a limited time.

    Read More
  • Lenovo&rsquo;s ThinkPad X1 Fold launched &ndash; India&rsquo;s first foldable laptop

    The Lenovo ThinkPad X1 Fold comes covered in a leather folio and weighs just 999 grams. It can be transformed into a tablet or a laptop whenever required

    Read More
  • Visa’s Tap to Phone service wants to transform payment processing for small businesses

    Tap to Phone lets small and micro businesses process payments using nothing more than an NFC-enabled Android phone.

    Read More

Find Out More About Us

Want to hire best people for your project? Look no further you came to the right place!

Contact Us