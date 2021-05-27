Cancel
CreatorsPublishersAdvertisers
View more in
Software

Unfixable Apple M1 chip bug enables cross-process chatter, breaking OS security model

By Thomas Claburn in San Francisco
theregister.com
 23 days ago

Cover picture for the articleApple's Arm-based M1 chip, much ballyhooed for its performance, contains a design flaw that can be exploited to allow different processes to quietly communicate with one another, in violation of operating system security principles. M1RACLES, as the bug has been called, doesn't pose a major security risk because information leakage...

www.theregister.com
IN THIS ARTICLE
#Information Security#Media Relations#M1racles#Arm#Macos Big Sur#Linux V5 13#Ios Ipados#A14#App Store#Oses#The Register
YOU MAY ALSO LIKE
News Break
Microsoft
News Break
Apple
News Break
Data Security
News Break
Technology
News Break
Computers
News Break
Software
Related
Internetbestbuy.com

Simple Mobile - Apple iPhone SE - Silver

Power adapter, Apple EarPods, Lightning to USB cable. Accelerometer, Ambient light sensor, Proximity sensor, Gyro sensor, Compass, Fingerprint sensor. GPRS, EDGE, EV-DO, HSUPA, HSPA+, LTE, DC-HSDPA, VoLTE.
Electronicsnationalcybersecuritynews.today

Apple’s M1 has an unfixable security flaw that’s effectively harmless | #macos | #macsecurity

Apple’s M1 chip has a vulnerability that can’t be fixed without a silicon revision, according to developer Hector Martin. The flaw allows for covert channels that enable two malicious apps to talk to each other. However, unless your system has been compromised by exploits or malware through other means, “covert channels are completely useless,” Martin wrote in a blog post that was first spotted by Ars Technica.
SoftwareApple Insider

Apple resolved M1 Mac SSD wear reporting issue in macOS 11.4

Previous issues surrounding reporting tools reporting heavy wear on SSDs in Apple Silicon Macs now appear to be fixed in macOS 11.4. Solid State Drives (SSDs) can only be written to so many times before they can become unusable, but it takes many years. A series of reports in February 2021 about the SSDs inM1 Macs, however, appeared to show that their lifespan was considerably reduced.
Technologynationalcybersecuritynews.today

Apple Releases iOS and iPadOS 14.5.1 With Fixes for App Tracking Transparency Bug, WebKit Security Issues | #ios | #apple | #iossecurity

Apple today released iOS and iPadOS 14.5.1, minor security updates that come just a week after the release of the iOS 14.5 update. There is also a companion watchOS 7.4.1 update for Apple Watch and an iOS 12.5.3 update for older iPhone and iPad devices that don’t support Apple’s latest operating system versions.
Computersmagazinebuzz.com

Is homeOS a new operating system from Apple? Or is it just a bug fix?

Yesterday, a job ad appeared from Apple where they were looking for someone who, among other things, was eager to work with something called “homeOS”. Apple has many operating systems, but homeOS is not one of them yet. The job advertisement (broadcast by us) said:. You’ll work with system engineers...
Electronicsdigg.com

Apple Put Their Powerhouse M1 Chip Into The iPad Pro, And It's Incredible

Hands down, this is the best iPad Apple has ever made. It's absurdly fast, slick and expandable. Better yet, it starts at just $799. Thanks to built-in Thunderbolt and Bluetooth, you can easily add extra storage, connect an external display, draw with an Apple Pencil (second generation), type with a wireless keyboard.
Computersarxiv.org

Cross-chain Interaction Model In a Fully Verified Way

There are different kinds of blockchains, which have been applied in various areas. Blockchains are relatively independent systems that are apt to form isolated data islands. Then cross-chain interaction is proposed to connect different blockchains. However, the current cross-chain methods do not maintain the security of the original blockchain. They either depend on a less secure third-party system or a less secure method. This makes the cross-chain interaction less secure than the original blockchains (the security downgrade issues), or the cross-chain interaction can be done even if the paired blockchain does not exist (the blockchain invisible issue). In this paper, we first propose a system interaction model and use it to analyze the possible security issues. Based on conclusions got from the proposed model, we propose the cross-chain method that verifies the data of the paired blockchain by the consensus algorithm of the paired blockchain (the CIFuV method). With this method, the cross-chain interaction can be as the same security as in the paired blockchain. At last, we evaluate the security issues during the system interaction process, and the possibility to have the CIFuV model on the public blockchains.
Computerscybersecdn.com

AWS access control confusion enables cross-account attacks

The Amazon Web Services identity and access management (IAM) mechanism is complex, and not fully understanding its particularities often leads to misconfigurations and exposed cloud assets. Researchers from cloud security firm Lightspin identified quirks in S3 bucket permissions that appear to be a common source of confusion among administrators. There...
Cell Phoneseenewswireless.com

Samsung launches 8nm RF process for 5G chips

The 8nm RF process from Samsung features a new transistor design that gives a 35 percent reduction in size and power consumption, targeting the TSMC N6RF 6nm process for integrated 5G chips. Samsung Electronics has launched an 8nm process technology for 5G RF designs with a new transistor design that...
Computersphoronix.com

Wine 6.0.1 Pops Open Support For The Apple M1, Dozens Of Fixes

While Wine's bi-weekly development releases are normally in good shape and suitable for Linux gamers and other enthusiasts wanting to run Windows games and applications on Linux or macOS, Wine 6.0.1 is out this week for those sticking to the yearly stable releases with follow-on point releases. Since the Wine...
Cell Phonesnationalcybersecuritynews.today

Apple teams up with TSA to enable digital identification at security checkpoints | #ios | #apple | #iossecurity

Apple has announced an upcoming update to its Wallet app that will enable customers to use their mobile device as a digital identification in select US airports. During the tech giant’s annual Worldwide Developers Conference, Apple announced that it is working with the U.S. Transportation Security Administration (TSA) to enable airport security checkpoints to be “the first place customers can use their digital ID card in the Wallet”.
TV Showsimore.com

Apple fixes Apple TV 4K content bug in new tvOS beta

Apple TV 4K (2021) users have been hit with a bug that shows some 4K content as only available in HD. Reports say the new tvOS 14.7 beta has fixed this issue. A new report says that Apple's latest tvOS 14.7 beta has fixed an issue with 4K content being displayed incorrectly on the new Apple TV 4K (2021)
Computersnationalcybersecuritynews.today

Apple publishes in-depth M1, Mac, and iOS security guide | #macos | #macsecurity

Apple has published its annual Apple Platform Security Guide, which includes updated details concerning the security of all its platforms, including the new M1 and A14 chips inside Apple Silicon Macs and current iPhones, respectively. The first look inside M1 Mac security. The extensive 196-page report explains how Apple continues...
Technologygearbrain.com

Apple brings more privacy controls with new OS updates this fall

Apple is doubling down on privacy in its devices, bringing more controls to its users through updates rolling out this fall. These include — but are not limited to — reports on how often an app has tapped their location, contacts and more, to blockers that will stop senders from knowing when someone opens an email.