If you have a device with an ARM processor and are worried about security, we have bad news for you. And it is that the MIT Artificial Intelligence Laboratory has discovered a vulnerability that affects processors with said set of registers and instructions. Which includes Apple, Qualcomm, and countless other chips used in mobile phones, tablets, televisions, and a host of consumer electronics. what is vulnerability PAC MAN And how much should we care?
If you ask any fan of the Cupertino brand, they will offer you two completely false arguments: the first is that processors with ISA ARM are better than x86 because yes, without more knowledge than repeating the propaganda like a parrot of Apple. The second is that Macs are safe and have no security issues. However, MIT’s Computer Science and Artificial Intelligence Lab not only managed to steal data, but also demonstrated it using a Cupertino M1 processor, but it’s a problem that affects not only the apple brand bite, but with many others.
What is the PACMAN attack and how does it affect ARM processors?
The PAC-MAN technique consists of guessing the value of authentication pointer codes, Pointer Authentication Codes (PAC). What these codes do is vverify the software with a series of encrypted keys
Once the attacker has the value of the PACs, they already have the key to decrypt any encrypted information that is inside the chip. However, we must clarify that this is a design flaw in the way processors with said ISA access memory and not a specific brand. It is therefore not a problem of Apple, but also of Qualcomm, NVIDIA and ARM chips. It is therefore a blow to the plans of various manufacturers to enter the server market, which is the next frontier for this type of processor.
We must start from the fact that in the ARM ecosystem there are many different manufacturers with different designs. The normal thing would be for the issue to be resolved with a patch or CPU update, as happened with Specter and Meltdown in their day. Although this comes at the cost of some performance loss in the process. At the moment, it is too early to say anything.