Security researchers discover two new attacks, SLAP and FLOP, that exploit vulnerabilities in Apple's Arm-compatible processors to steal sensitive data. These attacks can allow malicious webpages to access information such as emails, browsing history, and even private calendar events.
Many recent Apple laptops, desktops, tablets, and phones powered by Cupertino's homegrown Silicon processors can be exploited to reveal email content, browsing behavior, and other sensitive data through two newly identified side-channel attacks on Chrome and Safari .
On Tuesday, security researchers Jason Kim, Jalen Chuang, and Daniel Genkin from the Georgia Institute of Technology in the US, and Yuval Yarom from Ruhr University Bochum in Germany, published papers describing two speculative-execution attacks dubbed SLAP and FLOP. These attacks exploit weaknesses in Apple's Arm-compatible processor designs to extract information from memory that should be off limits. In practice, that means a malicious webpage in one Chrome or Safari browser tab snooping on a page in another tab and stealing its sensitive information, such as emails being read and what have you. The SLAP attack targets Apple-designed processors, such as the M2, A15, and newer models that have a Load Address Predictor (LAP), which predicts the memory addresses of subsequent load instructions to optimize performance. The LAP speculatively issues a load for the predicted address and waits for it to resolve – either continuing if it predicted correctly or flushing the pipeline and resuming operations if incorrect. 'We discover that if we train the LAP on striding memory addresses, the LAP will access the next sequence in the striding pattern and compute using the data in that address, even if the program never actually accesses it,' the researchers explain. The FLOP attack targets a feature in more recent Apple CPUs (M3, M4, A17), the Load Value Prediction (LVP), which attempts to predict the values a memory load operation will return based on previously observed patterns. 'We found that if the LVP sees the same data value being repeatedly returned from the memory subsystem for the same load instruction, the LVP will attempt to guess the load's outcome the next time that load instruction executes, even if the memory accessed by the load now contains a completely different value!' the researchers explain. 'Therefore, using the LVP, we can trick the CPU into computing on incorrect data values.' In the context of Apple's Safari browser, the researchers managed to train the LVP to read out-of-bounds memory through speculative type confusion. By making the CPU core transiently execute a gadget – a specific code structure resident in memory – on data of an unexpected type (eg, binary in lieu of a string), the CPU will read an attacker-chosen memory address and transmit the read data through a covert channel. Using this technique, the researchers say they were able to obtain the target's location history from Google Maps, inbox content from ProtonMail, and iCloud Calendar events
Apple Silicon Processors Security Side-Channel Attacks Chrome Safari SLAP FLOP Data Breach
United Kingdom Latest News, United Kingdom Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Parallels Enables x86 VMs on Apple Silicon, But It's RoughParallels has released a preview of technology allowing x86_64 virtual machines, such as Microsoft Windows, to run on Apple's Arm-powered silicon. While it's possible to run 64-bit x86 OSes and applications, performance is currently limited with slow boot times, reduced responsiveness, and lack of USB and sound support. Parallels acknowledges the rough experience and expects future improvements.
Read more »
Parallels brings back the magic that was waiting seven minutes for Windows to bootIn a preview of x86_64 VMs running on Apple silicon, so it’s excusable for now
Read more »
Apple Addresses Apple Watch Band PFAS ConcernsApple released a statement assuring users that Apple Watch bands are safe despite concerns about the presence of PFAS, often referred to as 'forever chemicals,' in some watch bands. The company acknowledges the lawsuit filed against them at the California Northern District Court and states they are working to phase out PFAS usage in their products.
Read more »
Apple Sued Over 'Forever Chemicals' in Apple Watch BandsA class-action lawsuit accuses Apple of selling watch bands containing harmful PFAS chemicals.
Read more »
Best Food Processors for Busy FamiliesDiscover the top food processors for making meal prep easier, saving time, and ensuring consistent results. MadeForMums expert reviews highlight models perfect for families of all sizes.
Read more »
AMD Strix Point Halo Processors Announced: Zen 5, RDNA 3.5, and AI Max for LaptopsAMD has unveiled its Strix Point Halo mobile processors, featuring Zen 5 CPU cores, RDNA 3.5 integrated graphics, and an NPU. The lineup includes AI Max 385, 390, and 395 models, with varying levels of performance. These processors are targeted at the laptop market, particularly for creative and AI-intensive workloads, thanks to their unified coherent memory architecture and AI capabilities.
Read more »