Apple Reacts to Unfixable Chip Exploit
Vložit
- čas přidán 19. 06. 2024
- Researchers just discovered a vulnerability built in to Apple’s new M series chips. But don’t worry, it can’t be fixed and only affects... all their computers.
ARTICLE: mashable.com/article/apple-si...
Low Level Learning’s Video on it: • researchers find unfix...
SUPPORT: funkytime.tv/patriot-signup/
MERCH: funkytime.tv/shop/
FUNKY TIME WEBSITE: funkytime.tv
FACEBOOK: / samtimenews
TWITTER: / samtimenews
INSTAGRAM: / samtimenews
-----------------------------------
'Escape the ordinary. Embrace the FUNKY!'
-----------------------------------
SAMTIME is a parody channel and does not represent the tech company featured.
For sponsorship enquiries: samtime@bossmgmtgrp.com
For other business enquiries: business@funkytime.tv
Copyright FUNKY TIME PRODUCTIONS 2024 - Komedie
Lol using doggos to explain computer processes is next level creativity!
🍜
I'm more glad Apple is getting boned by Spectre/Meltdown exploits.
They really thought they were special, didn't they?
This guy uses them to explain computer processes, over on Snapchat well, yeah um if you know you know!
the black one
Apple knows a great deal about cash/ cache.... kaching!!! 😂😂😂
Plot Twist
This is an intentional design feature for siphoning even more your money off.
@@MP-vc4nu this kind of evil thing is easily possible for apple.
@@MP-vc4nu So more cashing huh 🤣
HEY THAT WAS IN THE CLIP
dynamic cashing 😂
Apple is so anti-repair, they can't even repair their own computers. They're getting a taste of their own medicine.
This vulnerability is in the CPU itself. Even Macs were as modular as a Framework laptop (which they're not), you still wouldn't be able to replace the CPU without swapping out the entire motherboard. That's a possibility on PC desktops (particularly towers), but not so much laptops.
@@alvallac2171 But I think replacing a motherboard with the cpu is better than replacing the whole laptop, right? Costs less and less e-waste (although personally I don't care for e-waste...).
@@alvallac2171What's the point of mudularity if all the components are serialised lol.
@@alvallac2171Now it's common to have the cpu soldered to the motherboard, but then years agon it was usual for some of then to be replaceable. I still use my HP Elitebook 8560p that could have its cpu upgraded, instead I upgraded the motherboard (thanks HP for keeping the same frame for the 8570p). Replacing things on this laptop is easy. Too bad HP choose to follow Apple trend after a couple of years…
@@karthikeyan53 With All the soldered and serialised components, and Apples policy of repairing the whole computer even if its only a small component thats defective, renders them uneconomical to repair. Apple products are literally designed to be thrown in the bin, like some cheap chrome book ! And Apple is charging thousands of dollars for them, its outrageous !
I need to fire sam tucker asap
Username checks out.
the dogs in the water was the best computational explanation I've seen all year
wait macs are getting hacked so much for apples being safer then pc's🤣🤣🤣
Don't worry, no one can steal your money because there is nothing left once you buy Mac
*a Mac. (means Macintosh)
MAC = acronym that stands for Media Access Control (a computer networking term)
@@alvallac2171🤓☝🏻
@@alvallac2171I thought it was Mac n cheese. That's for the 'correction'
😂
The Gill Bates joke was pretty funny. 😂
Made me lol.
Epstein would have approved.
Ain't their lawyers already busy with all the lawsuits? 😂😂😂 Call Tim
yeah step one buy a m3 mac book step 2 take them to court🤣
My day got 10 times better
So did mine 😂😂
..and mine!
They need direct access to your computer, you're not getting hacked.
@@will.gallegos calm down precious - we are just having some fun!
"should we call an engineer ?" No call an Apple store and prepare them to sell suckers replacement macbooks
Not gonna lie, I’ve got to watch this video again. As soon as the dogs showed up in the pool my brain checked out and they were all I could focus on. 😁
at least when you get a pc you know what your getting yourself into with apple they lie to you into thinking your safe so your made vulnerable to hackers due to thinking that your safe instead of at risk
the dogs in the pool was top hahaha
That Bill Gate joke tickled me 😂
The exploit is highly theoretical. Not an Apple fanboy here, but if you read the paper you realize that this is only realistically working in a lab. Even with direct access to the processor, a process would have to be reusing the same key for hours for it to be leaked, because the speed at which data is extracted is incredibly low and data stays in the cache only for a brief amount of time (definitely not several minutes, which is the minimum amount of time required to leak some of the shorter keys shown in the paper)
would sophisticated code work?. seems like you implied a brute force
@@kentutwangi9216brute force is a given, never implied.
@@kentutwangi9216 what would "sophisticated code" be? Lol, I love it when non techies try to sound like they know what they're talking about. No, the data rate is fixed.
@@kentutwangi9216 also this has nothing to do with a brute force. It's just really slow.
Ha ha. "Not an Apple fanboy" Who else would bother to write over 100 words in defence against a parody😁
i heard tim cook was into backdoors but i didnt think they meant the CIA kind.....😲
Best joke here.
SAMTIME has inadvertently become my go-to tech news channel.
I like the analogy that a cache is like the chair in your bedroom where you put all your cloths. Its just faster than putting them back in the closet and out again.
Haha that dog jumping on the woman made my day😂
there's a similar type of attack strategy and reading info off the CPU cache called Spectre attack, and this affects almost every computer system, including desktops, laptops, mobile devices, Intel processors, AMD processors, ARM-based processors, and IBM processors. Here I'm not defending Apple but this is a fact you have to live with until whole speculative execution system is rewritten at the cpu architecture level.
Spectre WAS a problem with predictive branching, not with cache, and was fixed with a lower performance penalty than the one expected for Apple's chips.
@@itisabird all variants of Spectre and Meltdown problems haven't been solved, predictive execution is the main culprit but the final goal is same in both vulnerabilities, getting access of the data which were not meant to be accessible in the first place.
@@itisabird are Apple just gonna need to outright disable the cache?
@@DissociatedWomenIncorporatedI'd guess they'd need to emulate the cache with a layer of low level code, hence the performance penalty.
Perfect mastermind plan to make people buy M4
nope because the m2 and m1 have the vulnerability as well because they have the same cache design so the m4 will have it because apple put that in there to steal your bit coin first
funny you mention M3, but it also includes the M1, M2 and A14 chips as well as a i7 Raptor lake series of CPUs, keep up the video I love em.
It does not affect Intel CPUs according to the researchers behind it. Quote from their site: "Finally, we found that Intel's 13th Gen Raptor Lake microarchitecture also features a DMP. However, its activation criteria are more restrictive, making it robust to our attacks."
@@Krannski fair enough only skimmed through the paper.
I hope they just leave it unpatched rather than nurfing performance to fix it. If someone has local access to my computer, I already consider it pwnd
@@MagnesiumAddicts Local access comes over the network. There's a reason it's called a vulnerability. I guess you've been pwnd.
0:10 I unconsciously replace your face with Tim Cook's. Kinda fitting with Tim's expression and his action 😂
M3 has a flag that can be set to defeat the vulnerability, but at the cost of performance. M2/M1 does not have the flag.
was not expecting a video on this so bravo & thanks
Thanks for your wallet, we can't fix your computer.
Great video! Loved the little skit at the end. Also the information about super vulnerable computers and whatever.
the cache joke sob
List of all the hackers who have used this exploit:
Bonus points for all the cute dog footage.
apple’s supposed to be even more secure than a windows pc yet it has an unpatchable exploit
That's just Apple marketing/hype I believe. Technically there are less MacOS systems than Windows around the world so statistically less hacked/hackable. If you put a real hacker in front of either and they're as insecure as each other imo.
Doesn't matter how secure the computer is when the end user is an absolute moron 99% of the time :)
@@SamHocking That's what I'm telling Mac and Linux users for years now.
One more point is that Apple devices don't manage huge accounts or datas.
Though, in recent years we see Apple device hacking. Not because they become more vulnerable. They just hold monetizable datas. Like for PC, any system that hold highly monetizable datas will be hacked at some point. Security is relative a cybercrime is mostly focused on coercion and ransoming.
@@SamHockingNot really though. MacOS is indeed more secure, just going by the fact that their codebase is cleaner(say hello pure bsd ancestry), has less bloat and bs to support(PC low level standarts are A BIG mess, just look at acpi), not that much focus on user maintained network services and rather good security policy baked in to boot(kinda like properly configured selinux or apparmor). Windows on the other hand is just a bloody and bruised mess at this point, though they do a VERY good job at actually securing your stuff despite that, so finding exploits in either is still tough.
@@Shonicheck It's amazing how Apple sell a story based on statistical truth, but twist the context to mean something those statistic don't actually mean. Believe me, MS's footprint is much larger than Apple, so it's more susceptible to attacks, malware and virus because the platform is targeted so,, it's mostly a numbers game, there's nothing at a code level more or less susceptible, in either OS.
Good one. Although, I will come back here tomorrow... just to double check!
More dogs in pools!
It’s a feature baked into the chip courtesy of Apple’s long running collaboration with the US regime.
Tell me you know nothing about this exploit without telling you know nothing about this exploit.
@@backupplan6058 you are the one who knows nothing about it, so just
@@tullo5564 so you know what speculate execution is then and how it relates to this exploit? Please go ahead, I will wait.
Sounds very similar to the pre-emptive issue with meltdown and spectre vulnerabilities from Intel. Apple should have paid attention to Intel.
It’s not just pre-emptive issues, it’s basic common sense.
The real capable inventors and creators seems to be all dead, and there are probably a lot real talent people but they are ran down literally.
Instead you have 100k + paid jobs that are done worse than a literal copycat AI.
I see Intel wasn’t even stupid enough to do this architecture at all,
Even a 7 years old kid can tell you crap like this would had happened, you don’t just slap unification architecture and call it a genius unless it is literal run by AI to protect itself, even so it’s 💩 idea in long run.
Ironic you say they should have paid attention to Intel, it will be Intel that pushing the story about the M chips vulnerability, you see Apple officially stopped using Intel Chips this month while the news of the M chips exploit was originally published by MIT news back in 2022. It's an old story.
I now better understand the issue using your doggo references. Thank you.
0:50 lmao, the sledge hammer pliers to tweak the SSD
I work in IT Security and Scan for vulnerabilities of many companies networks every week…. This vulnerability is relatively small compared with the software vulnerabilities we report weekly. I use a Mac and when compared with Windows Machines over the last two years of reporting..it’s almost always at the very bottom of the list of “Riskiest Assets” in our organization.
Wow. Huey's Cooking flashback, absolutely magnificent. I was just talking about him the other day
Wasn't there a browser based JavaScript code that can siphon cryptographic secrets from unified memory and cache
Samsung watching the M series Exploit and saying "What an Ammmmazing moment"
Call a lawyer 😂😂😂😂😂
Dude, I am an Apple user (too sunk into the system), I absolutely love your content. Subscribed.
Sam should totally sell out. He is starting to restore peoples faith in individual creators and intelligent talent.
You get extra points for the small PP joke! 😂 Bill Gates!
Best Bill Gates IP joke!
BG sticking P into "small places" joke ;)
Thank God I'm too poor to own anything from Apple.
RIP ipod classic and ipod touch...😞
Call a lawyer 😂
When you don't understand cache prefetching and try hiding it by adding extra dogs in the video 🐕🐕🐕
Never knew swimming naughty dogs and 'sploits had so much in common...
One thing he forgot to mention. In order for someone to use these exploits they would need to not only have physical access to the computer and the tools and know how to get the keys off.
But you MUST have the dog catcher grabbing hold of the dog for some time!
Only SamTime can sneak past a "little Richard" joke at a famous wealthy guy and get away with it. Long Live SamTime !
Something disastrous happens *every* time a computer company gets the bright idea that they can make a GPU or CPU or memory controller better than a company that only makes CPU/GPU/controller chips. I've got so many examples now, I have to write them down.
If latops were designed sustainably none of them would cost more than $800.
Didn't Intel and amd have something similar before?
Occasionally. The likes of SPECTRE have mitigations though.
It's a local bug. Good thing apple computers aren't frequent targets of theft.
That "cache" pun caught me off guard not gonna lie
"It's your fault, buy our new and more expensive gadget" - Apple.
Is this the April's Fool?
... some AppleBoys will think so...
M chips do have ability to turn off the unsafe memory fetch optimization, there is a “chicken switch off” built in for that purpose.
They really should do a recall, but there's too much money in lobbying for that to ever happen.
You really got me in the first half 😅
+1000 for a second of Huey’s cooking
Few years ago x86 world went through quite the same with Spectre vulnerability. For most CPU you can only mitigate it and a full fix isn't possible with updates. That is why Microsoft released a Spectre mitigated runtime to address this vulnerability, but it comes at the expense of performance in some cases.
Who’d have thought that putting everything on a single chip would be a problem 😂
In the M4, the dog video can illustrate how the bug was fixed too.
it won't be fixed in the M4. or M5.
i thought they said you can fix is with/in software with the down side of that being that you take significant performance hit. all they have to do is just give up the title of the fastest and drop couple places in benchmark ranking.
Spoiler alert: latest Intel chips have a very similar bug 🐞
0:04 Apple is also a personal computer. It doesn't matter what chip or OS, really, as long as it's a personal computer. PC. You know, Apple vs...everything else.
My dog is the "naughty little exploit" in this story.
Luckily for the hackers someone always has local access to your macbook - they're often willing to run whatever the hackers give them. 😞
Techically under Australian consumer law wouldn't this not be fit for purpose if someone uses there computer for something like crypto? Curious.
Its not up to the consumer to fix it or just deal with it.
That Bill Gates joke: priceless 😂
This isn’t new though. And what wasn’t mentioned were the extremely low rates of information extraction
Time to disable side loading for mac too...
Someone should explain to the chips they were designed and tested by the most diverse group of "engineers" in history.
My processor's so old it's still vulnerable to Meltdown and Spectre.
You should never allow your dog to get into your pool.
An exploit about as exploitable as if on a certain Sunday of the year, the average price of a granny smith Apple in Botswana reached $2.32, and a new Mission Impossible movie was opening, then and only then someone might be able to peak through your peep hole and see if they could pull some out of your house through it.
Lucky though they have to have physical access to your computer. So just don't get your computer stolen.
You should write your code so it does not put keys into cache, possible with little effort in C++ and ASM.
You overdid it with the B-Roll.
Call a lawyer😂😂😂
Please add more dogs in all your videos 😂❤
Hahaha really funny I don't normally like silly videos but this is funny apple 3nm and bill gate bits pmsl
if only apple would go the same say as their apple car and apple TV lol
That's called a 'flawture' 😂
So the real question is, do you think it was accidental that this exploit was placed into the system or did some group like the NSA or the FBI have one of their tech guys in bedded in the company or maybe it was somebody else like the Chinese?
Huey's work on the M3 microarchitecture is what made those chips so tasty!
You can’t fool me; I know that’s Bixby in a dog outfit!
Still bought an M3 because there is a Microcode bit which deactivates the preemtive fetching which makes the side channel attack possible at all. So on system level (kernel for encryption) or on user level (software handling keys turns the fetch off) is a solution with limited impact.
M1/2 MAY have that bit too. Not even the people who discovered this know it exactly. So calm you concerns.
Thank god. I thought this man had become a sellout after the last video.
where is your faith
The exploit can only be accessed from within the device, not remotely.. So an attacker would already need to have open access to the device, unlike Intel's Management Engine backdoor system that's specifically designed to allow access without the user's consent.
Uve gon down in weight right!? Ur lookin good❤ keep it upp king
ifixit will probably come with a "nano screwdriver" to fix it.
Apple might sue you for this one.
You're chipping it wrongly 😂
This is hilarious considering their iMessage PQ3 announcement
Funny as always 😊
2:39 I don’t know why, but if this part of the video it just occurred to me… what if Apple did this on purpose? I mean, think about it. Vulnerability that requires physical access. Um, I don’t know instead of coming up with the program or whatever when you computer is seized by law enforcement or the government! We all know governments don’t like encryption, privacy, freedom etc
It's not true that is requires direct access to the computer, it can be run remotely, like any other malicious software that manages to infiltrate your system.
Cyberdog, go fetch data!!!
1:00 aye yooo that’s outta pocket