We learned last year that a fundamental Intel chip defect that was believed to have been fixed actually leaves machines vulnerable to variants of Spectre and Meltdown. Now a whole new problem has been discovered, one that is impossible to fix and could make SSD encryption such as Apple’s FileVault useless on pre-T1 or T2 Macs…
FileVault is designed to encrypt your entire drive. By default, it uses the XTS-AES-128 standard, a form of strong encryption, but Disk Utility also gives you the option of using military-grade XTS-AES-256 instead, which should leave the machine 100% secure…
The Register reports that an entirely new vulnerability has been discovered in Intel chips, one that is impossible to fix. It potentially allows an attacker to compromise the boot process and gain access to the keys used to encrypt the drive.
This is a fairly technical problem, as you can imagine. It is described below, but the tl;dr version is that the very first thing to run when a machine is powered on is a security subsystem which, among other things, manages the encryption keys for the drive. Inject code early enough and you have complete control of that subsystem, including access to those keys.
The problem revolves around cryptographic keys which, if obtained, can be used to break the root of trust in a system.
At the heart of modern Intel chipsets is what is known as the Management Engine, or today, the Converged Security and Management Engine (CSME) […]
Like a digital concierge, the CSME works in the background, beneath the operating system, the hypervisor and the firmware, performing many crucial low-level tasks, such as setting up the computer, controlling power levels, starting the main processor chips, checking and starting the motherboard firmware, and providing cryptographic functions. The engine is the first thing to run when a machine is powered on.
One of the first things it does is set up memory protections on its own built-in RAM so that other hardware and software cannot interfere with it. However, these protections are disabled by default, so there is a small window between a system being powered up and the CSME running the code in its boot ROM that installs these protections, which take the form of input-output memory management unit (IOMMU) data structures called page tables.
During this window, other hardware – physically connected or present on the motherboard – capable of triggering a DMA transfer into the CSME’s private RAM can do so, overwriting variables and pointers and diverting its execution. At that point, the CSME can be commandeered for malicious purposes, without the software running above it noticing.
It’s like a sniper shooting a target as it walks past small cracks in a wall. The DMA write can be attempted when the machine is powered on or wakes up from sleep […]
If someone succeeds in extracting this hardware key, however, they can unlock the chipset key and, with code execution within the CSME, undo Intel’s root of trust across large swathes of products up to that time […]
“When this happens, total chaos will prevail. Hardware identifiers will be falsified, digital content will be extracted and the data on encrypted hard disks will be decrypted.”
Because it is a code flaw built into all current Intel chips, and the exploit would be used before the machine gets anywhere near booting the operating system, nothing can be done to fix it or protect against it.
Incredibly, security researchers discovered the flaw simply by carefully reading the documentation of the boot process!
Intel’s advice is to “keep physical possession” of your machines. Well yes.
Update: Intel has released a brief statement:
Intel has been notified of a vulnerability that could affect the Intel Converged Security and Management Engine, in which an unauthorized user with specialized hardware and physical access could execute arbitrary code within the Intel CSME subsystem on certain Intel products. Intel has released mitigations and recommends keeping systems up to date. Additional advice specific to CVE-2019-0090 can be found here.
Macs with a T1 or T2 chip should not be affected, since that chip powers on before the Intel one, and the FileVault encryption key is stored in the Secure Enclave inside it.
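A quick inventory check a Mac admin could use to tell which machines fall into the pre-T1/T2 category described above, written here as an added example (not code from the article, Apple or Intel); it assumes `system_profiler SPiBridgeDataType` names the chip as "Apple T1 Security Chip" or "Apple T2 Security Chip" when one is present, and that `fdesetup status` prints "FileVault is On." or "FileVault is Off.":

```shell
#!/bin/sh
# Added example: classify a Mac by whether its FileVault key can live in a
# T1/T2 Secure Enclave or whether the boot path relies on Intel CSME alone.
# Assumptions (not verified against every macOS release):
#   - `system_profiler SPiBridgeDataType` contains "Apple T1 Security Chip"
#     or "Apple T2 Security Chip" when such a chip exists
#   - `fdesetup status` prints "FileVault is On." / "FileVault is Off."

# classify_mac IBRIDGE_TEXT FDESETUP_TEXT
# Prints one of:
#   secure-enclave-key : T1/T2 present and FileVault on (key held in the T-chip)
#   csme-dependent     : no T-chip and FileVault on (pre-T1/T2 Mac, the case
#                        the article describes as exposed)
#   unencrypted        : FileVault off, whatever the chip
classify_mac() {
  ibridge="$1"
  fde="$2"
  if printf '%s\n' "$fde" | grep -q 'FileVault is On'; then
    if printf '%s\n' "$ibridge" | grep -Eq 'Apple T[12] Security Chip'; then
      echo secure-enclave-key
    else
      echo csme-dependent
    fi
  else
    echo unencrypted
  fi
}

# Live run only where both macOS tools exist; elsewhere the function is just
# defined so it can be exercised with captured report text.
if command -v system_profiler >/dev/null 2>&1 && command -v fdesetup >/dev/null 2>&1; then
  classify_mac "$(system_profiler SPiBridgeDataType 2>/dev/null)" \
               "$(fdesetup status 2>/dev/null)"
fi
```

Run it under an admin account on each Mac, or feed it saved `system_profiler` and `fdesetup` output collected by your management tooling.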
This is not the first time we have seen a flaw that makes even FileVault-protected Macs vulnerable to attack. An earlier flaw was discovered in 2018, although the T2 chip in the latest Macs also protects against that one.
The discovery of another fundamental Intel chip flaw gives new impetus to Apple’s purported intention to gradually move Macs from Intel-based machines to those running custom ARM chips, just like iOS devices. We expect to see the first such machine launched, possibly as a replacement for the abandoned 12-inch MacBook, in 2021.