Apple's M1 and A14 Chips have an unfixable security flaw, but you need not worry too much about it

ARM-based M1 Chip, the first Apple-designed SoC developed for Macs, that was more recently employed in the new iPad Pro, has a security vulnerability that allows two applications to covertly exchange data between them without going through proper channels

By Deepak Singh | Published 27 May 2021 15:43 IST
HIGHLIGHTS
  • Apple's M1 and A14 chips have a hardware-level security flaw.

  • The vulnerability lets two app exchange data using a covert channel.

  • The vulnerability isn't something users need to worry about much.

Apple's M1 and A14 Chips have an unfixable security flaw, but you need not worry too much about it
Apple has acknowledged the flaw.

ARM-based M1 Chip, the first Apple-designed SoC developed for Macs and the iPad Pro, has a security vulnerability that allows two applications to covertly exchange data between them without going through proper channels. The vulnerability was accidentally spotted by a developer, Hector Martin, while he was working on porting Linux to the M1. He says that the flaw exists at the hardware level and can not be fixed by a software update. Apple was notified of the issue 90-days prior to the developer making the issue public and has already acknowledged it. 

Hector, however, notes that this flaw isn’t something users need to worry about. 

Here’s how the developer describes it: 

“A flaw in the design of the Apple Silicon “M1” chip allows any two applications running under an OS to covertly exchange data between them, without using memory, sockets, files, or any other normal operating system features. This works between processes running as different users and under different privilege levels, creating a covert channel for surreptitious data exchange.

The vulnerability is baked into Apple Silicon chips, and cannot be fixed without a new silicon revision.”

Users need not worry

The cause appears to be Apple violating an AMR specification requirement. At worst the flaw can be exploited by advertising companies for cross-app tracking. Users don’t have to really worry about malware exploiting this to take over their devices or steal their data. 

Martin also has a proof-of-concept video on his website that demonstrates that the covert channel can be used to transfer enough data to stream a video in real-time with few or no glitches. 

The flaw also affects iPhone 12 series that’s powered by A14 Bionic, since both the A14 and M1 are based on the same micro-architecture. The flaw is also expected to affect the next generation M1X chip that will reportedly be used in the upcoming MacBook Pro. It’s likely to get fixed in the iteration following that. 

Deepak Singh
Deepak Singh

Email Email Deepak Singh

Follow Us Facebook Logo Facebook Logo Facebook Logo

About Me: Deepak is Assistant Editor at Digit. He is passionate about technology and has been keeping an eye on emerging technology trends for nearly a decade. When he is not working, he likes to read and to spend quality time with his family. Read More

Tags:
Apple M1 security flaw Apple M1 security vulnerability
Advertisements

Trending Articles

Advertisements

LATEST ARTICLES View All

Advertisements

Hot Deals View All

AGARO 33511 MAGMA Air compression leg massager with handheld controller, 3 massage mode and intensity for feet, calf and thigh Massager  (Black)
AGARO 33511 MAGMA Air compression leg massager with handheld controller, 3 massage mode and intensity for feet, calf and thigh Massager (Black)
₹ 6199 | $hotDeals->merchant_name
Kuvadiya Sales Magnetic Vibra Plus Head Massager Hairbrush with Double Speed in Treatment | hair massager
Kuvadiya Sales Magnetic Vibra Plus Head Massager Hairbrush with Double Speed in Treatment | hair massager
₹ 140 | $hotDeals->merchant_name
ARG HEALTH CARE Leg Massager for Pain Relief Foot, Calf and Leg Massage with Vibration and Heat Therapy (Golden)
ARG HEALTH CARE Leg Massager for Pain Relief Foot, Calf and Leg Massage with Vibration and Heat Therapy (Golden)
₹ 15499 | $hotDeals->merchant_name
Vadhavan Roller Anti Aging 100% Natural Jade Facial Roller healing Slimming Massager Anti Aging 100% Natural Jade Facial Roller healing Slimming Massager Massager  (Green)
Vadhavan Roller Anti Aging 100% Natural Jade Facial Roller healing Slimming Massager Anti Aging 100% Natural Jade Facial Roller healing Slimming Massager Massager (Green)
₹ 175 | $hotDeals->merchant_name
HP 15.6 LAPTOP BAG Backpack  (Black, Black, 25 L)
HP 15.6 LAPTOP BAG Backpack (Black, Black, 25 L)
₹ 275 | $hotDeals->merchant_name
DMCA.com Protection Status