apple patient
  • Home
  • News
  • Rumors
  • Tips & Tricks
  • Tests & Experience Reports
  • Generally
No Result
View All Result
  • Home
  • News
  • Rumors
  • Tips & Tricks
  • Tests & Experience Reports
  • Generally
No Result
View All Result
apple patient
No Result
View All Result

FileVault: New vulnerability discovered in Intel chips

by Milan
March 6, 2020
in News
Cybersecurity and computer security concept. Notebook and login screen and padlock symbolizing computer security.

Cybersecurity and computer security concept. Notebook and login screen and padlock symbolizing computer security.

Following the Meltdown and Spectre security vulnerabilities, a new hardware-based exploit has now been discovered in Intel chips. This is said to make Apple's FileVault technology vulnerable. 

Last year, the Meltdown and Spectre security vulnerabilities were discovered, which caused a lot of trouble. According to current reports, the security vulnerabilities at that time have since been fixed. But now there seems to be a new problem and it is said to be unpatchable. According to reports, the SSD encryption FileVault on Mac devices without T1 and T2 chips is at risk. 

The purpose of FileVault

Die FileVault-Technologie ist im Grunde so konzipiert, dass die gesamte Festplatte verschlüsselt wird. Dabei wird standardmäßig die AES128-Bit-XTS-Standard Verschlüsselung verwendet. Doch das Festplattendienstprogramm hält auch die AES256-Bit-XTS Version bereit, also eine Verschlüsselung auf Militärniveau, die den Mac zu 100 Prozent sicher macht. Einem neuen Bericht von The Register zufolge sei allerdings genau dieses “Feature” in Gefahr. Eine brandneue hardwarebasierte Schwachstelle in Intel-Chips kann FileVault angreifbar machen, da die Sicherheitslücke unpatchbar sein soll. Ersten Erkenntnissen zufolge könnten Angreifer den Startvorgang des Macs kompromittieren, um Zugang zu den Codes zu erhalten, die für die Verschlüsselung der Festplatte verantwortlich sind. Das Problem wird dabei wie folgt explained: 

The problem revolves around cryptographic keys that, if obtained, can be used to break the root of trust in a system. Buried deep inside modern Intel chipsets is what is known as the Management Engine, or nowadays the Converged Security and Manageability Engine (CSME).

Like a digital janitor, the CSME works behind the scenes, beneath the operating system, hypervisor, and firmware, performing many important low-level tasks such as booting up the computer, controlling power levels, starting the main processor chips, verifying and booting the motherboard's firmware, and providing cryptographic functions. The engine is the first thing that runs when a machine is turned on. One of the first things it does is set up memory protections on its own built-in RAM so that other hardware and software cannot interfere with it. However, these protections are disabled by default, so there is a tiny time gap between when a system is turned on and the CSME executing the code in its boot ROM that installs these protections, which come in the form of input-output memory management unit (IOMMU) data structures called page tables.

During this time gap, other hardware - physically connected or present on the motherboard - capable of firing a DMA transfer into the CSME's private RAM can overwrite variables and pointers and take over execution. At this point, the CSME can be seized for malicious purposes without the software running on top of it noticing. It's like a sniper shooting a sliver of a target while shooting past small cracks in a wall. The DMA write race can be attempted when the machine is powered on or awakens from sleep. If someone manages to extract this hardware key, they can unlock the chipset key and, with code execution within the CSME, undo Intel's root of trust in large product areas at once. When this happens, total chaos will reign. Hardware IDs will be spoofed, digital content will be extracted, and data from encrypted hard drives will be decrypted.

Therefore, the Mac should not be released

Der Exploit ist also nicht nur hardwarebasiert sondern er gilt auch als unpatchbar. Wer seinen Mac an Dritte weitergibt, macht sich dadurch angreifbar, da die Sicherheitslücke nur ausgenutzt werden kann, wenn Angreifer physischen Zugang zum Gerät erhalten. Intels Ratschlag lautet dabei – die betroffenen Geräte müssen in “physischem Besitz” des Eigentümers bleiben. Doch nicht alle Macs sind davon betroffen. Dem Bericht zufolge seien Apple Geräte mit den Sicherheitschips T1 und T2 nicht beeinträchtigt, da diese beim Hochfahren des Macs noch vor dem Intel-Chip greifen und die FileVault-Verschlüsselungscodes in der “Secure Enclave” gespeichert sind. Demnach sind nur “ältere” Geräte von dem Problem betroffen. (Photo by Jakub Jirsak / Bigstockphoto)

  • Kr00k: Security flaw discovered in Wi-Fi encryption
Add Apfelpatient to your Google News Feed. 
Was this article helpful?
YesNo
Via: The Register
Tags: Macsecurity gap
Previous Post

Backup: WhatsApp tests new security feature

Next Post

Apple recommends employees work from home

Next Post
CUPERTINO, CALIFORNIA, UNITED STATES - NOV 26th, 2018: People at the Apple Park Visitor Center in Silicon Valley explore the new Apple Offices using a scaled-down replica of the campus and a virtual reality program

Apple recommends employees work from home

Apple AI

Apple and the AI transformation: What role does Giannandrea play?

May 19, 2025
Apple Siri product announcements

Apple changes its product announcement strategy

May 19, 2025
Apple Siri

Report: Apple allows alternatives to Siri on EU devices

May 19, 2025

About APFELPATIENT

Welcome to your ultimate source for everything Apple - from the latest hardware like iPhone, iPad, Apple Watch, Mac, AirTags, HomePods, AirPods to the groundbreaking Apple Vision Pro and high-quality accessories. Dive deep into the world of Apple software with the latest updates and features for iOS, iPadOS, tvOS, watchOS, macOS and visionOS. In addition to comprehensive tips and tricks, we offer you the hottest rumors, the latest news and much more to keep you up to date. Selected gaming topics also find their place with us, always with a focus on how they enrich the Apple experience. Your interest in Apple and related technology is served here with plenty of expert knowledge and passion.

Legal

  • Imprint – About APFEPATIENT
  • Cookie Settings
  • Privacy Policy
  • Terms of Use

service

  • Partner Program
  • Netiquette – About APPLEPATIENT

RSS Feed

Follow Apfelpatient:
Facebook Instagram YouTube threads
Apfelpatient Logo

© 2025 Apfelpatient. All rights reserved. | Sitemap

No Result
View All Result
  • Home
  • News
  • Rumors
  • Tips & Tricks
  • Tests & Experience Reports
  • Generally

© 2025 Apfelpatient. All rights reserved. | Page Directory