We learned last year that a fundamental Intel chip flaw thought to have been fixed in fact still leaves machines vulnerable to variations on Spectre and Meltdown. Now, a completely new issue has been discovered that is unpatchable and could render useless SSD encryption like Apple’s FileVault on pre-T1 or T2 Macs …
FileVault is designed to encrypt your entire drive. By default, it uses AES-128 in XTS mode, a strong form of encryption, but Disk Utility also gives you the option of instead using military-grade AES-256 XTS, which ought to leave the machine 100% secure…
The Register reports that a brand new, unpatchable chip-level vulnerability has been discovered in Intel chips. This potentially lets an attacker compromise the startup process to gain access to the keys used to encrypt the drive.
It’s a pretty technical issue, as you might imagine. It’s described below, but the tl;dr version is that the very first thing to run when a machine is switched on is a security circuit which, among other things, manages encryption keys for the drive. Inject some code quickly enough, and you have complete control of that circuit, including access to those keys.
The problem revolves around cryptographic keys that, if obtained, can be used to break the root of trust in a system.
Buried deep inside modern Intel chipsets is what’s called the Management Engine, or these days, the Converged Security and Manageability Engine (CSME) […]
Like a digital janitor, the CSME works behind the scenes, below the operating system, hypervisor, and firmware, performing lots of crucial low-level tasks, such as bringing up the computer, controlling power levels, starting the main processor chips, verifying and booting the motherboard firmware, and providing cryptographic functions. The engine is the first thing to run when a machine is switched on.
One of the first things it does is set up memory protections on its own built-in RAM so that other hardware and software can’t interfere with it. However, these protections are disabled by default, thus there is a tiny timing gap between a system turning on and the CSME executing the code in its boot ROM that installs those protections, which are in the form of input-output memory-management unit (IOMMU) data structures called page tables.
During that timing gap, other hardware — physically attached or present on the motherboard — that is able to fire off a DMA transfer into the CSME’s private RAM may do so, overwriting variables and pointers and hijacking its execution. At that point, the CSME can be commandeered for malicious purposes, all out of view of the software running above it.
It’s like a sniper taking a shot at a sliver of a target as it darts past small cracks in a wall. The DMA write race can be attempted when the machine is switched on, or wakes up from sleep […]
If someone manages to extract that hardware key, though, they can unlock the Chipset Key, and, with code execution within the CSME, they can undo Intel’s root of trust on large swathes of products at once […]
‘When this happens, utter chaos will reign. Hardware IDs will be forged, digital content will be extracted, and data from encrypted hard disks will be decrypted.’
Because it’s a flaw in code embedded in all current Intel chips, and the exploit would be used before the machine gets anywhere close to booting the operating system, there is nothing that can be done to protect against it.
Unbelievably, security researchers uncovered the flaw simply by careful reading of the documentation of the startup process!
Intel’s advice is to “maintain physical possession” of your machines. Er, yeah.
Macs with the T1 or T2 chip should be unaffected, as that chip powers up before the Intel one, and the FileVault encryption key is stored in the Secure Enclave inside that chip.
It’s not the first time we’ve seen a flaw that leaves even FileVault-protected Macs vulnerable to attack. An earlier flaw was discovered in 2018, though the T2 chip in later Macs protects against that one too.
The discovery of another fundamental Intel chip flaw provides more impetus to Apple’s assumed intention to gradually move Macs from Intel-based machines to ones running custom ARM chips, just like iOS devices. We’re expecting to see the first such machine launched, possibly a replacement for the discontinued 12-inch MacBook, in 2021.