Apple’s blisteringly fast and remarkably efficient M1 chips have been the catalysts behind a recent MacBook resurgence, but MIT security researchers have found a chink in their armour.
MIT Computer Science & Artificial Intelligence Laboratory (CSAIL) scientists revealed in a recent paper a vulnerability in what they call the “last line of security” for the M1 chip. The flaw could theoretically give bad actors a door to gain full access to the core operating system kernel.
Before I go any further, M1 MacBook owners don’t need to worry about having their sensitive data stolen. While this is a severe vulnerability that will need to be addressed, certain unlikely conditions need to be in place for it to work. Foremost, the system under attack needs to have an existing memory corruption bug. As such, the scientists say there is “no cause for immediate alarm.”
For its part, Apple thanked the researchers in a statement to TechCrunch but emphasised that the “issue” doesn’t pose an immediate risk to MacBook owners.
“We want to thank the researchers for their collaboration as this proof of concept advances our understanding of these techniques,” Apple said. “Based on our analysis as well as the details shared with us by the researchers, we have concluded this issue does not pose an immediate risk to our users and is insufficient to bypass operating system security protections on its own.”
Getting into the technical bits, Apple’s M1 chip uses something called Pointer Authentication to detect and guard against unexpected changes in memory. MIT calls this the “last line of defence,” and says it can snuff out bugs that would normally compromise a system and leak private information. It does this using “PACS,” or pointer authentication code (PAC) that checks for unexpected changes resulting from an attack. A PAC, or a cryptographic hash used as a signature, is made when a program is deemed to be safe.
As the researchers discovered, this line of defence can be broken. That’s where MIT’s PACMAN attack comes in. It guesses the value of a PAC using a hardware device, meaning a software patch won’t fix the program. There are many possible values of a PAC, but with a device that reveals whether a guess is correct or false, you can try them all until you get the right one without leaving any trace. In this scenario, the ghosts win.
“The idea behind pointer authentication is that if all else has failed, you still can rely on it to prevent attackers from gaining control of your system. We’ve shown that pointer authentication as a last line of defence isn’t as absolute as we once thought it was,” said MIT CSAIL Ph.D. student Joseph Ravichandran and co-lead author of the paper.
“When pointer authentication was introduced, a whole category of bugs suddenly became a lot harder to use for attacks. With PACMAN making these bugs more serious, the overall attack surface could be a lot larger,” Ravichandran added.
Since pointer authentication is used to protect the core OS kernel, bypassing it could give bad actors access to the sensitive parts of a system. As the researchers note, “An attacker who gains control of the kernel can do whatever they’d like on a device.”
In this proof of concept, the researchers showed that the PACMAN attack could be used to attack the kernel, which has “massive implications for future security work on all ARM systems with pointer authentication enabled. Future CPU designers should take care to consider this attack when building the secure systems of tomorrow,” Ravichandran warned. “Developers should take care to not solely rely on pointer authentication to protect their software.”
Apple uses pointer authentication on all of its ARM-based chips, including the M1, M1 Pro, and M1 Max. MIT said it hasn’t tested this attack on the recently revealed M2 processor set to power the new MacBook Air and MacBook Pro 13. Qualcomm and Samsung have either announced or are set to ship processors that use the security feature.
The researchers outlined three methods for preventing such an attack in the future. One way is by modifying the software so PAC verification results are never done under speculation, meaning an attacker couldn’t go incognito while attempting to infiltrate. Another potential resolution is by defending against PACMAN in the same way Spectre vulnerabilities are being mitigated. And finally, patching memory corruption bugs would ensure this last line of defence isn’t needed.
Apple wins lawsuit over Spectre and Meltdown Security flaws
In related news, a judge dismissed a class-action lawsuit against Apple for allegedly selling customers iPhones and iPads with processors that were vulnerable to the devastating Spectre and Meltdown flaws. US District Judge Edward Davila in San Jose, California deemed the customers failed to prove that they overpaid for devices because Apple knowingly hid defects, as reported by Reuters. They also didn’t provide enough evidence that a security patch pushed out to those devices made them significantly slower.