Real People + Real Protection

CYBERSECURITY ISN'T SEXY... UNTIL IT SAVES YOUR BACON

The LockDown Blog

Cybersecurity updates, warnings, strategies, tools, and recommendations, first and foremost.

But I love puns, have weird thoughts, and I bake, cook, and drink a lot. I mean I live in a California Wine Country with a thriving spirits, bitters, and mixers culture.

Come for the security... stay for the fun life things.

~ Angela Payton, Securista

EVERY DAY SOMEONE GETS HACKED. YOU DON'T HAVE TO BE THAT SOMEONE.

Alert GoFetch Attack

Security Alert: GoFetch

March 23, 20242 min read

Well, it’s not just antitrust lawsuits spoiling Apple’s week.

A Mac encryption flaw’s been found by researchers! Here's what you need to know (without a lot of tech jargon)

There's a bit of a hitch with Apple's new M-series chips (M1, M2, and M3) in 2020 and later Macs. Security researchers discovered a weakness in the data memory-dependent prefetcher (DMP) that could potentially expose the secret codes used to scramble your data on your Mac.

Security Alert

Security experts have long known that classical prefetchers open a side channel that malicious processes can probe to obtain secret key material from cryptographic operations.

In response, cryptographic engineers have devised constant-time programming, an approach that ensures that all operations take the same amount of time to complete, but it can slow down processing.

Here's the non-techy breakdown:

  • Macs use special tools to predict what information you might need next, kind of like the suggestions for words when you text.

  • This makes Macs processing faster, but in this case, it backfires. The prediction tool can sometimes mix things up and grab secret info (like your encryption key) instead.

  • Hackers could potentially exploit this mix-up to steal your secret keys. This could mess with things that rely on strong encryption, like secure messaging or online banking.

The not-so-great news:

  • This weakness is built into the actual chip silicon itself, so Apple can't just fix it with a simple software update.

  • There's a new attack called "GoFetch" that can take advantage of this flaw, potentially allowing attackers to steal your encryption keys. 

The almost-good news:

  • Software developers can build in extra security features to protect your data, but this might slow down your Mac, especially on older M1 and M2 models.

What you can do:

  • Don’t panic.

  • Keep an eye out for updates to your Mac software, especially those that involve encryption. These updates might include the new security features mentioned above.

  • Since we're not sure exactly which programs are vulnerable yet, it's best to be cautious and assume they all might be at risk for now.

The bottom line:

There's a new security concern with Apple M-series chips, but Apple, security, and other software developers are working on ways to protect your data. Stay updated with your software and be cautious until a more permanent fix is available.


blog author image

Ange "Gos" Payton

The Securista - Online Cybersecurity DefendHer for the Kickass Woman Entrepreneur

Back to Blog

summary of their amazing result

"A Really Strong Testimonial That confirms the powerful transformation That is waiting."

Lorem ipsum dolor sit amet, consectetur adipisicing elit. Autem dolore, alias, numquam enim ab voluptate id quam harum ducimus cupiditate similique quisquam et deserunt, recusandae. Lorem ipsum dolor sit amet, consectetur adipisicing elit. Autem dolore, alias.

- Jane awesome

FOR SUPPORT OR QUESTIONS, PLEASE EMAIL US AT [email protected]

© 2023 COPYRIGHT securistacybersquad.com

ALL RIGHTS RESERVED