Previously Craig Federighi, Apple’s Senior Vice President of Software. revealed that macOS has its own malware problem, and currently the macOS operating system on Mac devices has a fair amount of malware when compared to the iOS operating system.
Now, a researcher named Hector Martin reveals the M1 chip has a security vulnerability.
Martin discovered the vulnerability, dubbed M1RACLES, while working a Linux project to port Linux to run on the Apple M1. Martin has created a website to share details about the vulnerability.
According to the researcher, this vulnerability exists at the hardware level of the M1 chip and is declared irreparable. However, while the bug’s executive summary makes this bug seem like a significant bug, Martin clarifies that it poses no threat at all
This loophole allows two applications to exchange data secretly without using normal operating system features. Fortunately, the gap does not pose a dangerous risk.
According to Martin, this vulnerability cannot be used by hackers to take over devices or steal user information. However, this vulnerability can be used by advertisers to track data across apps across devices.
This loophole will also affect all M1 and iPhone 12 series devices which are based on the same CPU microarchitecture as the M1.
Martin explained that the vulnerability was the result of a conscious decision on the part of Apple which he said decided to break the Arm specs by removing the mandatory feature, since they don’t need to use that feature for macOS.
Although very little can be achieved by exploiting this vulnerability. Martin said that Apple should make changes to the silicon level to the M1 to mitigate this shortcoming.
He suggested that bugs could be mitigated in virtual machines (VMs), as registers still respond to VM-related access controls, but again added that users should be concerned about other common security issues like malware, rather than the M1RACLES bug.
ProApk on Google News – http://bit.ly/pro-apk-google-news
ProApk on Telegram – http://t.me/proapk_in
ProApk on Twitter – http://twitter.com/xdapirates
ProApk on Facebook – http://bit.ly/pro-apk-facebook