Developer Hector Martin recently discovered an unfixable security flaw in the M1 chip powering the new iPad Pro, MacBook Air, MacBook Pro, Mac mini, and the redesigned iMac. Hector Martin believes that Apple (Apple) must have violated certain ARM architecture specifications when designing the M1 chip, thus creating unfixable vulnerabilities.
This vulnerability basically allows two applications to secretly exchange data, even if the user does not open the application, the data can be exchanged. Fortunately, HectorMartin also pointed out that this security flaw does not pose a serious security risk.
You might be thinking, can this still be called a “vulnerability”? Remember Apple’s recent push for user privacy, where app developers can’t sneakily track data as long as users don’t agree? The security flaw, which allows two apps to exchange data, means advertisers can exploit the loophole to track data across apps, but those who want to use it cannot steal personal data.
Hector Martin found that this vulnerability is not limited to the M1 device, but even the A14 chip used in the iPhone 12 has the same problem; this is because the A14 Bionic chip and the M1 chip are based on the same CPU microarchitecture. Hector Martin also believes that the vulnerability may also exist in the next-generation M1 chip (M1X).
“PhoneArena” reported that Apple is aware of the M1’s problems and admits that the problem exists.