* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Saturday, May 31, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    Entertainment: On Your Marks, Get Set, Beer Run! – Urban Milwaukee

    Get Ready to Race: The Ultimate Beer Run Experience Awaits!

    Rachel Guttman Launches Entertainment Law Firm Gutt Law, PLLC [Exclusive] – MusicRow.com

    Rachel Guttman Unveils Exciting New Entertainment Law Firm: Gutt Law, PLLC!

    HYBE Cashes In: Offloads Final Stake in K-Pop Rival SM Entertainment for $177 Million!

    Allied Gaming & Entertainment Receives Expected Nasdaq Notice Regarding Delayed Quarterly Report – Business Wire

    Allied Gaming & Entertainment Faces Nasdaq Notice Over Delayed Quarterly Report

    Weekly Entertainment Report May 29-June 1: Where to find lively arts, music, and shows – Manchester Ink Link

    Weekly Entertainment Report May 29-June 1: Where to find lively arts, music, and shows – Manchester Ink Link

    Aziz Ansari made Keanu Reeves Indian food so he wouldn’t feel ‘freaked out’ directing him in Good Fortune (exclusive) – Entertainment Weekly

    Aziz Ansari Whips Up Indian Cuisine for Keanu Reeves to Ease Directing Jitters in Good Fortune

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology

    Revolutionary Harvesting Technology Promises to Slash CAR-T Manufacturing Costs!

    Stop the Machines: The Rise of Anti-Technology Extremism – International Centre for Counter-Terrorism – ICCT

    Unplugged: The Surge of Anti-Technology Extremism

    Finland to head EU’s quantum defense technology project – Latest news from Azerbaijan

    Finland Takes the Lead in Pioneering EU’s Quantum Defense Technology Initiative!

    i3D Robotics Unveils Breakthrough Glass Defect Detection Technology – USGlass Magazine

    Revolutionary Glass Defect Detection Technology Unveiled by i3D Robotics!

    4Liberty Announces Collaboration with Itron to Drive Innovation in Utility Technology Adoption and Optimization – FinancialContent

    4Liberty Partners with Itron to Revolutionize Utility Technology and Boost Innovation

    Q1 2025 Quantum Technology Investment: What’s Driving the Surge in Quantum Investment? – The Quantum Insider

    Unleashing the Future: Exploring the Surge in Quantum Technology Investments for Q1 2025

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    Entertainment: On Your Marks, Get Set, Beer Run! – Urban Milwaukee

    Get Ready to Race: The Ultimate Beer Run Experience Awaits!

    Rachel Guttman Launches Entertainment Law Firm Gutt Law, PLLC [Exclusive] – MusicRow.com

    Rachel Guttman Unveils Exciting New Entertainment Law Firm: Gutt Law, PLLC!

    HYBE Cashes In: Offloads Final Stake in K-Pop Rival SM Entertainment for $177 Million!

    Allied Gaming & Entertainment Receives Expected Nasdaq Notice Regarding Delayed Quarterly Report – Business Wire

    Allied Gaming & Entertainment Faces Nasdaq Notice Over Delayed Quarterly Report

    Weekly Entertainment Report May 29-June 1: Where to find lively arts, music, and shows – Manchester Ink Link

    Weekly Entertainment Report May 29-June 1: Where to find lively arts, music, and shows – Manchester Ink Link

    Aziz Ansari made Keanu Reeves Indian food so he wouldn’t feel ‘freaked out’ directing him in Good Fortune (exclusive) – Entertainment Weekly

    Aziz Ansari Whips Up Indian Cuisine for Keanu Reeves to Ease Directing Jitters in Good Fortune

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology

    Revolutionary Harvesting Technology Promises to Slash CAR-T Manufacturing Costs!

    Stop the Machines: The Rise of Anti-Technology Extremism – International Centre for Counter-Terrorism – ICCT

    Unplugged: The Surge of Anti-Technology Extremism

    Finland to head EU’s quantum defense technology project – Latest news from Azerbaijan

    Finland Takes the Lead in Pioneering EU’s Quantum Defense Technology Initiative!

    i3D Robotics Unveils Breakthrough Glass Defect Detection Technology – USGlass Magazine

    Revolutionary Glass Defect Detection Technology Unveiled by i3D Robotics!

    4Liberty Announces Collaboration with Itron to Drive Innovation in Utility Technology Adoption and Optimization – FinancialContent

    4Liberty Partners with Itron to Revolutionize Utility Technology and Boost Innovation

    Q1 2025 Quantum Technology Investment: What’s Driving the Surge in Quantum Investment? – The Quantum Insider

    Unleashing the Future: Exploring the Surge in Quantum Technology Investments for Q1 2025

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

Apple’s GoFetch silicon security fail was down to an obsession with speed

April 2, 2024
in Technology
Apple’s GoFetch silicon security fail was down to an obsession with speed
Share on FacebookShare on Twitter

Opinion Apple is good at security. It’s good at processors. Thus GoFetch, a major security flaw in its processor architecture, is a double whammy.

What makes it worse is that GoFetch is a class of vulnerability known about years before the launch of Apple Silicon processors. How did Apple’s chip designers miss it? A similar problem exists in Intel’s 13th Gen CPUs too. Spectre and Meltdown were discovered in 2018, after all. Is this a fundamental problem in modern processor design – an evolutionary misstep from which there’s no return? The answer is part Einstein, part paranoia, and part marketing. Oh yes.

Apple M1 Chip

Hardware-level Apple Silicon vulnerability can leak cryptographic keys

READ MORE

Let’s start with Einstein, who said one of the rules of reality is that the further away something is, the longer it will take to get to you. Chip designers have to deal with that and other factors by keeping copies of frequently used data in small high-speed caches close to the processor. Doing this efficiently is essential and complex. It makes a ton of assumptions about what data will be needed and when, and how to make the transfers into the cache system neither too small nor too big. It’s a huge engineering challenge, and absolutely vital to performance.

A lot depends on the details of the different memory technologies used in DRAM and on-chip cache alongside bus speed limitations, but even if all this were to be perfected, the basic physics of closer equals faster will never go away.

This is not only a rule of the universe, it’s a big problem in cryptography. Cryptographic software uses secrets to encode and decode data, and it needs to do it in private. Modern CPUs provide plenty of privacy through memory managers that limit access to properly privileged code.

Not good enough. If a cryptographic component takes a different amount of time to complete its task depending on inputs it can operate in perfect secrecy – but an attacker timing this from the outside can start to piece together what’s going on.

As a result of discovering this, the idea of constant-time coding evolved. No matter what happens within code, it will always finish its task at the same time. Even if it means twiddling its virtual thumbs for an electronic age. Constant-time is now a basic concept to prevent information leakage from a protected system.

This is at odds with caching. As the code component gets data from memory, it does so through caching – and a constant-time cache is no cache at all. It gives data fast if it’s got it, slowly if it has to fetch it. If the cache is shared between multiple processes or cores, as it always is, then an attacker can watch cache hits and misses by timing, and extract information.

Time to examine the anatomy of the British Library ransomware nightmare

The last mile’s at risk in our hostile environment. Let’s go the extra mile to fix it

How to Netflix Oracle’s blockbuster audit model

The federal bureau of trolling hits LockBit, but the joke’s on us

Crypto code knows this and is designed to avoid it. The GoFetch bug happens because a feature of the Apple processor called a Data Memory Prefetcher (DMP) monitors the cache and tries to detect not just requests for memory access, but requests for memory locations that contain pointers to to memory locations. This is invisible to and uncontrollable by code, with the result that an attacker can fashion inputs to the crypto component that forces the DMP to leak information about the code’s operation. The computer goes faster, as it must, while breaking a basic tenet of modern cryptographic information hiding.

If this is a clash of two fundamental aspects of computing, how did it happen and why did nobody pot it until now? The clash is between speed and secrecy, mirrored in the very philosophy of high-end chip makers. It’s this philosophical element that makes the physical version so dangerous.

Chip makers obsess over speed, not only for its own sake but as the most important market differentiator. The industry is drenched in benchmarks where slower shows up, safer does not. The DMP side effect that gives us GoFetch is subtle, but perhaps nobody was looking too hard for it in the first place.

As to what makes things faster, well, that’s a secret. The DMP idea does speed up normal operations, but Apple has disclosed very few details of its cache management systems. Instead, it took a massive cross-institution effort to reverse engineer what was going on then build and test proofs of concept.

This paranoid need for security by silence is universal among chipmakers. Only the paranoid survive, as Intel’s spiritual leader and CEO Andy Grove said. You will not get more than a handful of marketing slides out of any big chipmaker. Try talking to Qualcomm, whose chips not only embody cutting-edge computer design but the massive security burden of wireless data processing, about how all that works. 404 all day long.

Why? The only outfit who could use this information to commercially harm a big chip company is another chip company, and they’ve all got the tools and expertise to work out what each other is doing anyway. If every detail of an Apple M3 chip was public, nobody could make an M3 competitor before the M4 came out, if then.

Yet if more details were available then two good things would happen. Security flaws would be caught earlier – no waiting three generations to get a DMP killswitch – and design decisions would be safer across the industry. Most deliciously, that first obsession – speed – would be far better served.

A corollary of very fast, very complex cache systems is that the better coders understand them, the more finely tuned the code can be to make best use of the system – and avoid doing things that trips it up. The better a compiler understands data segmentation and flow, what behaviors trigger what results, the more efficient and speedier the results. You can’t do this if you don’t know what’s going on.

Secrecy and speed are incompatible in some ways, mutually beneficial in others. Engineering this fact for best results will always be a compromise, but that’s what engineering’s all about. Chip companies would be doing everyone a huge favor if they re-engineered their philosophy, not just their chips, to recognize this. ®

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : The Register – https://go.theregister.com/feed/www.theregister.com/2024/04/02/apple_gofetch_opinion/

Tags: Apple’sGoFetchtechnology
Previous Post

VMware by Broadcom plots pair of Cloud Foundation releases that will show off its strategy

Next Post

Intel courts devs with open arms and exotic hardware

Predicting invasion costs from sparse data – Nature

Unlocking the Secrets of Invasion Costs: Insights from Sparse Data

May 31, 2025
High school science teacher’s advice leaves lasting mark on student – MSN

How a High School Science Teacher Inspired a Lifelong Passion for Learning

May 31, 2025
RFK Jr. threatens to bar government scientists from publishing in leading medical journals – Politico

RFK Jr. Vows to Restrict Government Scientists from Publishing in Top Medical Journals

May 31, 2025
Monique Thomas gifts love with Stem & Story Studio – Jamaica Gleaner

Monique Thomas gifts love with Stem & Story Studio – Jamaica Gleaner

May 31, 2025
Texas vs. Florida: 2025 Women’s College World Series Game 1 | Extended highlights – NCAA.com

Texas vs. Florida: 2025 Women’s College World Series Game 1 | Extended highlights – NCAA.com

May 31, 2025
Proposed URI medical school could fill doctor shortage, boost economy, draft report finds – The Public’s Radio

New URI Medical School: A Solution to Doctor Shortages and Economic Growth!

May 31, 2025
Entertainment: On Your Marks, Get Set, Beer Run! – Urban Milwaukee

Get Ready to Race: The Ultimate Beer Run Experience Awaits!

May 31, 2025
Trump administration ‘MAHA’ health report cited nonexistent studies – Reuters

Trump Administration’s ‘MAHA’ Health Report: Uncovering the Truth Behind Questionable Studies

May 31, 2025
Tributes pour in honoring legacy of legendary politician John Thrasher – Florida Politics

Celebrating the Enduring Legacy of Legendary Politician John Thrasher

May 31, 2025

Revolutionary Harvesting Technology Promises to Slash CAR-T Manufacturing Costs!

May 31, 2025

Categories

Archives

May 2025
MTWTFSS
 1234
567891011
12131415161718
19202122232425
262728293031 
« Apr    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (653)
  • Economy (668)
  • Entertainment (21,574)
  • General (15,252)
  • Health (9,710)
  • Lifestyle (670)
  • News (22,149)
  • People (670)
  • Politics (676)
  • Science (15,890)
  • Sports (21,172)
  • Technology (15,655)
  • World (656)

Recent News

Predicting invasion costs from sparse data – Nature

Unlocking the Secrets of Invasion Costs: Insights from Sparse Data

May 31, 2025
High school science teacher’s advice leaves lasting mark on student – MSN

How a High School Science Teacher Inspired a Lifelong Passion for Learning

May 31, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version