By: Eva Baxter
Researchers have recently identified a considerable security vulnerability in Apple’s M-Series computing chips that could potentially compromise the security of private crypto keys. This vulnerability pertains to the data memory-dependent prefetcher (DMP) of the chips.
Security analyst stated that the DMP is a hardware optimization feature that preempts and loads data into the CPU cache prior to request, but it can sometimes mistakenly consider sensitive data, such as crypto keys, for memory addresses. This induces a vulnerability known as “side-channel attacks.” Despite these claims, the exploitation of this vulnerability requires the co-operation of a malicious and targeted crypto app on the same CPU set.
Concurrently, the US Department of Justice (DOJ) has begun legal proceedings against Apple for its business model, which is purportedly monopolistic and detrimental to consumers and competitors alike. They argue that Apple has set prohibitive rules and restrictions across varying products that prevent competition, hinder innovation, and compromise user experience.
Crypto industry experts suggest that if Apple loses this battle, it could possibly open US markets to crypto payments using pioneering services likeCoinbase Wallet with seamless transactions.
Despite these concerns, it is crucial to note that rectifying the CPU vulnerability may not be straightforward as it stems from the microarchitectural design of the chips, but implementing protective measures within third-party encryption software can help reduce the risk.