The Apple M1 was designed to significantly improve the performance and energy efficiency of Apple products. Apple is slowly revolutionizing the computer market, proving that ARM-based computers have a bright future in the industry. The chip is certainly known for its performance, power efficiency and security. But, apparently, security is not 100%. Today, a researcher named Hector Martin found out that there is a security breach in the chip. This breach allows applications to share information with each other on devices.
The M1 app has a security issue that requires a new revised version
According to the researcher, the security breach allows two applications to exchange information with each other. Most impressively, this exchange takes place without using files, memory, sockets or other system resources through a hidden channel on the chip. Martin says that to fix this flaw, it would be necessary to revise the entire design of the Apple M1. This would require the release of a new revised version.
You can watch a humorous video where a hacker shows how two open programs can exchange information with each other. It shows how these apps investigate breaches in real-time by showing a video sent by one of them.
However, users need not panic. According to Marting, this vulnerability cannot be used to take control of a device, let alone steal information. In addition, he claims that the risk of running it using Javascript is zero.
On the other hand, the researcher was unable to determine how the malware used in the demonstration could communicate with other malware on the Internet. However, the probability of losses is currently very low. He even mentioned:
“Honestly, I would expect ad companies to try to abuse things like this in the Apple M1 to track apps, not criminals. Apple can catch them if they try, but in the case of apps from the App Store: no no no no. Some game developer will try to use this as a synchronization method, right? Please don't do this. There's enough damn code in the world."
Apple, of course, has yet to comment on the situation. According to the news, the company is expected to unveil the new version during WWDC 2021, which will be held next month. Can the security issues be fixed in this new update? Only time will tell.