Tech News

Faulty Apple M1 Allows Malicious Apps To Communicate With Each Other

Pinterest LinkedIn Tumblr

Apple’s M1 chip has a vulnerability that cannot be fixed without a processor revision, according to developer Hector Martin. The flaw allows secret channels through which malicious applications communicate with each other.

However, unless your system has been compromised by exploits or malware by other means, “secret channels are completely useless,” Martin wrote in a blog post, which was first identified by Ars Technica.

The vulnerability is harmless by itself, according to the developer, as the malware it won’t be able to steal or tamper with data on the Mac. However, “it violates the operating system’s security model,” Martin said.

“You shouldn’t be able to secretly send data from one process to another. And even though harmless, in this case, you should be able to write to random CPU system registers from user space.”

Faulty Apple M1 Allows Malicious Apps To Communicate With Each

Without special equipment, it’s impossible to detect when apps communicate with each other through secret channels, as Ars Tchina notes. These hidden connections do not require operating system resources, system memory, sockets, or files to function. Applications can use secret channels to communicate, even if they are running under different user profiles or separate privilege levels.

Keyboard apps on iOS do not have Internet access, so they cannot stream your input. A malicious app could theoretically send keyboard actions to another app via a secret channel, and its inputs could be shared with malicious actors.

The only way to prevent secret channels from running on M1 machines is to run your operating system as a virtual machine, which impacts performance dramatically.

Given the small probability that hidden channels are harmful to your Mac and the performance payoff, choosing to run macOS in a VM is probably not worth it. in addition, the user will have to face “big fish” if their system has at least two types of malware that they do not communicate with each other.

Source: ArsTechnica

Want to know other news? See below for our Suggestions

Want to know other news? See below for our Suggestions

Have an article/sponsored post to share? Whatsapp: +2348129656985.

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
Pin It