Apple For Security? PACMAN Targets The New M1 Chip

Source: The Register Apple For Security?  PACMAN Targets The New M1 Chip

PACMAN Can Bypass The M1’s Pointer Authentication

You’ve seen the commercials and heard it from any Apple fans you might know; Apple is for security and not vulnerable to the viruses that take out PCs.  While not entirely untrue, the success of their PR campaigns have led people to overestimate just how invulnerable that Apple product they purchase actually is.  The latest example of that is the hardware vulnerably PACMAN, which targets the new M1 chip from Apple, completely bypassing some security features on it.

The M1 uses pointer authentication, which should prevent an attacker from modifying memory references without being detected and stop anything flagged by it from running at all.  The attack itself is quite worrying, as it can make guesses about the cryptographic hash value of a Pointer Authentication Code without crashing the program, as is intended.  It is also rather effective, with researchers taking 2.94 minutes to guess a proper value for a 16-bit PAC and construct a control-flow hijacking attack.  You can dive deeper into the details with this story at The Register.

We can hope that the Apple M2 chip also includes mitigations for this, though that was not specifically mentioned during Apple’s WWDC 2022 keynote speech.  They did suggest that the new eight-core M2 CPU will provide 87% of an Intel’s 12-core Core i7-1260P peak performance, but will consume a mere quarter of the power of the Alder Lake chip.   Apple also suggests it will provide almost twice the processing power of the Core i7-1255U, and do so while matching the power consumption of the Intel chip.  

You can find out more about what Kevin Krewell and the reporter from The Register think about this announcement here.

"If we wanted to quote someone, we could copy this block. Maecenas id justo sed risus ultrices tincidunt. Mauris orci elit, fermentum vitae mi eget, fringilla faucibus tortor. "

Video News

About The Author

Jeremy Hellstrom

Call it K7M.com, AMDMB.com, or PC Perspective, Jeremy has been hanging out and then working with the gang here for years. Apart from the front page you might find him on the BOINC Forums or possibly the Fraggin' Frogs if he has the time.

Leave a reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Podcasts

Archive & Timeline

Previous 12 months
Explore: All The Years!