Head Topics

Apple's GoFetch silicon security fail was down to an obsession with speed

United Kingdom News News

Apple's GoFetch silicon security fail was down to an obsession with speed
United Kingdom Latest News,United Kingdom Headlines
  • 📰 TheRegister
  • ⏱ Reading Time:
  • 55 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 25%
  • Publisher: 61%

Ye cannae change the laws of physics, but you can change your mind

Apple is good at security. It's good at processors. Thus GoFetch, a major security flaw in its processor architecture, is a double whammy.

This is not only a rule of the universe, it's a big problem in cryptography. Cryptographic software uses secrets to encode and decode data, and it needs to do it in private. Modern CPUs provide plenty of privacy through memory managers that limit access to properly privileged code. This is at odds with caching. As the code component gets data from memory, it does so through caching – and a constant-time cache is no cache at all. It gives data fast if it's got it, slowly if it has to fetch it. If the cache is shared between multiple processes or cores, as it always is, then an attacker can watch cache hits and misses by timing, and extract information.How to Netflix Oracle's blockbuster audit modelCrypto code knows this and is designed to avoid it.

As to what makes things faster, well, that's a secret. The DMP idea does speed up normal operations, but Apple has disclosed very few details of its cache management systems. Instead, it took a massive cross-institution effort to reverse engineer what was going on then build and test proofs of concept.

We have summarized this news so that you can read it quickly. If you are interested in the news, you can read the full text here. Read more:

TheRegister /  🏆 67. in UK

United Kingdom Latest News, United Kingdom Headlines

Similar News:You can also read news stories similar to this one that we have collected from other news sources.

GoFetch security exploit can't be disabled on M1 and M2 Apple chipsGoFetch security exploit can't be disabled on M1 and M2 Apple chipsFor now, cryptographic work should be run on slower Icestorm cores
Read more »

Apple fans deluged with phony password reset requestsApple fans deluged with phony password reset requestsBeware support calls offering a fix
Read more »

TSMC's 3nm node powers up, setting stage for tech giants' next-gen chipsTSMC's 3nm node powers up, setting stage for tech giants' next-gen chipsAMD, Apple, Intel throw weight – and cash – behind process technology
Read more »

Tech expert shares how to get Apple MacBook for just £1 a dayTech expert shares how to get Apple MacBook for just £1 a dayOne retailer is offering a much cheaper MacBook Air deal, which works out to just £1 a day
Read more »

Apple quietly issues surprise upgrade for some iPhones with a secret free battery charging boostApple quietly issues surprise upgrade for some iPhones with a secret free battery charging boostTap Tips! Ep 5_APP TIME SAVER
Read more »

MLS anonymous executive survey, Part 2: ‘Messi boost’, roster rule changes and Apple TV dealMLS anonymous executive survey, Part 2: ‘Messi boost’, roster rule changes and Apple TV dealMLS executives reveal how they really feel about some of the biggest issues facing the league in 2024
Read more »



Render Time: 2025-02-12 07:37:01