Apple’s M1 has a unfixable security flaw that’s effectively harmless
Apple’s M1 chip has a vulnerability that can’t be fixed without a silicon revision, according to developer Hector Martin. The flaw allows for covert channels that enable two malicious apps to talk to each other. However, unless your system has been compromised by exploits or malware through other means, “covert channels are completely useless,” Martin wrote in a blog post that was first spotted by Ars Technica.
The vulnerability is harmless on its own, according to the developer, as malware can’t use it to steal or interfere with data that’s on a Mac. However, “it violates the OS security model,” Martin said. “You’re not supposed to be able to send data from one process to another secretly. And even if harmless in this case, you’re not supposed to be able to write to random CPU system registers from userspace either.”
Without special equipment, it’s impossible to detect when apps communicate with each other over covert channels, as Ars Technica notes. Such under-the-radar connections don’t require operating system features, system memory, sockets or files to run. Apps can use covert channels to communicate even if they’re running on different user profiles or separate privilege levels.
Were the M1 (or another chip that enables covert channels) to be used in iPhones, this type of communication could be more impactful on those devices, Martin suggests. Keyboard apps on iOS have no internet access, so they can’t transmit your inputs. A malicious one theoretically could send your key presses to another app via a covert channel, and your inputs could then be shared with bad actors.
Covert channels could also allow apps to bypass the cross-app tracking limitations in iOS 14.5. However, as Ars Technica points out, Apple would have to approve two malicious apps and a user would have to install both of them, so the chances of this happening look to be fairly small.
The only way to prevent covert channels from running on M1 machines is to run your operating system as a virtual machine, which impacts performance drastically. Given the tiny likelihood that covert channels are harmful to your Mac and the performance tradeoff, opting to run macOS in a VM probably isn’t worth it. Besides, you’ll have bigger fish to fry if your system has at least two pieces of malware, even if they don’t communicate with each other.
Engadget has contacted Apple for comment.
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.