MIT Experts Find Security Flaw in M1 Chip GA S REGULAR Menu Lifewire Tech for Humans Newsletter! Search Close GO News > Internet & Security 24 24 people found this article helpful

MIT Experts Find Security Flaw in M1 Chip

Though it can't be exploited remotely

By Rob Rich Rob Rich News Reporter College for Creative Studies Rob is a freelance tech reporter with experience writing for a variety of outlets, including IGN, Unwinnable, 148Apps, Gamezebo, Pocket Gamer, Fanbolt, Zam, and more. lifewire's editorial guidelines Published on June 10, 2022 01:57PM EDT Fact checked by Jerri Ledford Fact checked by Jerri Ledford Western Kentucky University Gulf Coast Community College Jerri L. Ledford has been writing, editing, and fact-checking tech stories since 1994. Her work has appeared in Computerworld, PC Magazine, Information Today, and many others. lifewire's fact checking process Tweet Share Email Tweet Share Email Internet & Security Mobile Phones Internet & Security Computers & Tablets Smart Life Home Theater & Entertainment Software & Apps Social Media Streaming Gaming A team of researchers at MIT has managed to crack the purported last line of defense on Apple's M1 chip, creating a security loophole on the hardware level. M1 chips are largely considered quite secure, despite some vulnerabilities discovered in the past. However, this particular issue stands out because of its inability to be patched out or otherwise updated. Since it's tied to the hardware, the only way to address it would be to replace the chip. matejmo / Getty Images The attack, dubbed "PACMAN" by the research team (there's a reason for it), can bypass the M1's Pointer Authentication defense and won't leave any evidence behind. The function essentially adds a special coded signature to various memory functions and requires authentication before running those functions. These Pointer Authentication Codes (PAC) are meant to shut down security bugs before they can do significant harm. A PACMAN attack tries to guess the correct code to trick the chip into thinking a bug isn't a bug. And since the number of individual PAC values is finite, it's not too difficult to try all the possibilities. The silver lining in all of this is that a PACMAN attack is extremely reliant on specificity. It has to know exactly what type of bug it's supposed to let through, and it can't compromise anything if there's no bug for it to try and wave through Pointer Authentication. Hill Street Studios / Getty Images While PACMAN attacks don't pose an immediate threat to most M1 Mac systems, it is still a security loophole that could be exploited. The MIT team is hoping that knowledge of this weakness will prompt designers and engineers to come up with ways to close the exploit off in the future.
Was this page helpful? Thanks for letting us know! Get the Latest Tech News Delivered Every Day Subscribe Tell us why! Other Not enough details Hard to understand Submit More from Lifewire What Is an Intrusion Prevention System (IPS)? Is a Used Mac Mini Worth Buying? iMac M1 (2021) Review: A Visual Refresh and the Powerful M1 Chip How to Protect Your iPad From Malware and Viruses What’s the Newest MacBook? Should I Upgrade to macOS Monterey? Apple MacBook Air 13-inch (M1, 2020) Review: Apple’s Impressive M1 Chip Rises To New Heights iPad Pro (2021, M1) Review: Desktop Performance in a Tablet Microsoft Windows XP on New Computers Apple's M1 Max GPU Runs Circles Around Original M1 Chip MacBook Air vs. MacBook Pro: What's the Difference? Apple Reveals Two New M1 Chips: M1 Pro and M1 Max What Is a WEP Key in Wi-Fi Networking? Here's Why Malicious Malware Wants Your Smart Home Tech How to Keep Your Smart Home From Being Hacked Researchers Show Popular GPS Tracker Is Vulnerable to Hackers Newsletter Sign Up Newsletter Sign Up Newsletter Sign Up Newsletter Sign Up Newsletter Sign Up By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. Cookies Settings Accept All Cookies