This is a summary of the Ars reporting [0] on the original research [1].<p>[0] <a href="https://arstechnica.com/security/2024/03/hackers-can-extract-secret-encryption-keys-from-apples-mac-chips/" rel="nofollow">https://arstechnica.com/security/2024/03/hackers-can-extract...</a><p>[1] <a href="https://gofetch.fail/" rel="nofollow">https://gofetch.fail/</a>
Apple experts, how subtle is this constraint for this exploit?<p>> The GoFetch attack uses the same user privileges as many other third-party macOS apps, rather than root access. This lowers the barrier to entry for actually run the attack, but it's not entirely the whole story.<p>> The GoFetch app running the attack must also be used on the same chip cluster as the cryptographic target app in order to function, and both must use the efficiency cores or the performance cores at the same time.<p>= = = edit for additional context<p>> The threat resides in the chips’ data memory-dependent prefetcher, a hardware optimization that predicts the memory addresses of data that running code is likely to access in the near future. [...] DMPs are a relatively new phenomenon found only in M-series chips and Intel's 13th-generation Raptor Lake microarchitecture