{"671156":{"#nid":"671156","#data":{"type":"news","title":"Researchers Break Apple\u2019s New MacBook Pro Weeks After Release","body":[{"value":"\u003Cp\u003EA Georgia Tech researcher has successfully evaded security measures on Apple\u2019s latest MacBook Pro with the M3 processor chip to capture his fictional target\u2019s Facebook password and second-factor authentication text.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EBy the end of his demonstration video, Ph.D. student\u0026nbsp;\u003Cstrong\u003EJason Kim\u003C\/strong\u003E\u0026nbsp;showed how the recently discovered iLeakage side-channel exploit is still a genuine threat to Apple devices, regardless of how updated their software might be.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EFirst discovered by Kim and\u0026nbsp;\u003Cstrong\u003EDaniel Genkin\u003C\/strong\u003E, an associate professor in the\u0026nbsp;\u003Ca href=\u0022https:\/\/scp.cc.gatech.edu\/\u0022\u003ESchool of Cybersecurity and Privacy\u003C\/a\u003E, the vulnerability affects all recent iPhones, iPads, laptops, and desktops produced by Apple since 2020.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EiLeakage allows attackers to see what\u2019s happening on their target\u2019s Safari browser. This vulnerability allows potential access to Instagram login credentials, Gmail inboxes, and YouTube watch histories, as Kim demonstrated last month on a slightly older MacBook Pro.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Cstrong\u003E\u201c\u003C\/strong\u003EA remote attacker can deploy iLeakage by hosting a malicious webpage they control, and a target just needs to visit that webpage,\u201d said Kim. \u201cBecause Safari does not properly isolate webpages from different origins, the attacker\u0027s webpage is able to coerce Safari to put the target webpage in the same address space. The attacker can use speculative execution to subsequently read arbitrary secrets from the target page.\u201d\u003C\/p\u003E\r\n\r\n\u003Cp\u003EHow is this possible? 
Well, as manufacturers developed faster and more efficient CPUs, their devices have become vulnerable to something called speculative execution attacks. This vulnerability is in the design of the chip itself. It has led to major software issues since the Spectre attack was reported in 2018.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EThere have been many attempts to stop these types of attacks, but Kim and Genkin show through their\u0026nbsp;\u003Ca href=\u0022https:\/\/architecture.fail\/\u0022\u003Eresearch\u003C\/a\u003E\u0026nbsp;that more work still needs to be done.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u201ciLeakage shows these attacks are still relevant and exploitable, even after nearly six years of Spectre mitigation efforts following its discovery,\u201d said Genkin. \u201cSpectre attacks coerce CPUs into speculatively executing the wrong flow of instructions. We have found that this can be used in several different environments, including Google Chrome and Safari.\u201d\u003C\/p\u003E\r\n\r\n\u003Cp\u003EThe team made Apple aware of its findings on Sept. 12, 2022. Since then, the tech company has issued mitigation for iLeakage in Safari. However, the researchers note that the update was not initially enabled by default. It was only compatible with macOS Ventura 13.0 and higher as of today.\u003C\/p\u003E\r\n\r\n\u003Cp\u003ESo far, the team does not have evidence that real-world cyber-attackers have used iLeakage. They\u2019ve determined that iLeakage is a significantly difficult attack to orchestrate end-to-end, requiring advanced knowledge of browser-based side-channel attacks and Safari\u0027s implementation.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EThe vulnerability is confined to the Safari web browser on macOS because the exploit leverages peculiarities unique to Safari\u0027s JavaScript engine. However, iOS users face a different situation due to the sandboxing policies on Apple\u0027s App Store. 
The policies require other browser apps using iOS to use Safari\u0027s JavaScript engine, making nearly every browser application listed on the App Store vulnerable to iLeakage.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u003Ca href=\u0022https:\/\/ileakage.com\/\u0022\u003E\u003Cem\u003EiLeakage: Browser-based Timerless Speculative Execution Attacks on Apple Devices\u003C\/em\u003E\u003C\/a\u003E\u0026nbsp;will be published at the\u0026nbsp;\u003Ca href=\u0022https:\/\/www.sigsac.org\/ccs\/CCS2023\/index.html\u0022\u003E2023 ACM SIGSAC Conference on Computer and Communications Security\u003C\/a\u003E\u0026nbsp;later this month.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EAlong with Kim and Genkin,\u0026nbsp;\u003Cstrong\u003EStephan van Schaik\u003C\/strong\u003E\u0026nbsp;of the University of Michigan and\u0026nbsp;\u003Cstrong\u003EYuval Yarom\u003C\/strong\u003E\u0026nbsp;of Ruhr University Bochum co-authored the paper.\u003C\/p\u003E\r\n","summary":"","format":"limited_html"}],"field_subtitle":"","field_summary":[{"value":"\u003Cp\u003EGeorgia Tech cybersecurity and privacy researchers have uncovered a significant threat that exploits a vulnerability in the Safari web browser. 
The vulnerability affects all recent iPhones, iPads, laptops, and desktops produced by Apple since 2020. The research team is presenting its findings at\u0026nbsp;the\u0026nbsp;\u003Ca href=\u0022https:\/\/www.sigsac.org\/ccs\/CCS2023\/index.html\u0022\u003E2023 ACM SIGSAC Conference on Computer and Communications Security\u003C\/a\u003E\u0026nbsp;later this month.\u003C\/p\u003E\r\n","format":"limited_html"}],"field_summary_sentence":[{"value":"Georgia Tech cybersecurity and privacy researchers have uncovered a significant threat that exploits a vulnerability in the Safari web browser"}],"uid":"32045","created_gmt":"2023-11-20 14:48:24","changed_gmt":"2024-05-13 14:42:07","author":"Ben Snedeker","boilerplate_text":"","field_publication":"","field_article_url":"","dateline":{"date":"2023-11-20T00:00:00-05:00","iso_date":"2023-11-20T00:00:00-05:00","tz":"America\/New_York"},"extras":[],"hg_media":{"672411":{"id":"672411","type":"image","title":"Associate Professor Daniel Genkin and Ph.D. student Jason Kim from Georgia Tech\u0027s School of Cybersecurity and Privacy","body":null,"created":"1700491713","gmt_created":"2023-11-20 14:48:33","changed":"1700491713","gmt_changed":"2023-11-20 14:48:33","alt":"Associate Professor Daniel Genkin and Ph.D. 
student Jason Kim from Georgia Tech\u0027s School of Cybersecurity and Privacy","file":{"fid":"255643","name":"Genkin and Kim web.jpg","image_path":"\/sites\/default\/files\/2023\/11\/20\/Genkin%20and%20Kim%20web.jpg","image_full_path":"http:\/\/hg.gatech.edu\/\/sites\/default\/files\/2023\/11\/20\/Genkin%20and%20Kim%20web.jpg","mime":"image\/jpeg","size":60331,"path_740":"http:\/\/hg.gatech.edu\/sites\/default\/files\/styles\/740xx_scale\/public\/2023\/11\/20\/Genkin%20and%20Kim%20web.jpg?itok=ubVVCFtP"}}},"media_ids":["672411"],"groups":[{"id":"47223","name":"College of Computing"},{"id":"430601","name":"Institute for Information Security and Privacy"},{"id":"1188","name":"Research Horizons"}],"categories":[{"id":"153","name":"Computer Science\/Information Technology and Security"},{"id":"135","name":"Research"},{"id":"8862","name":"Student Research"}],"keywords":[{"id":"187915","name":"go-researchnews"},{"id":"10199","name":"Daily Digest"}],"core_research_areas":[{"id":"145171","name":"Cybersecurity"}],"news_room_topics":[{"id":"71881","name":"Science and Technology"}],"event_categories":[],"invited_audience":[],"affiliations":[],"classification":[],"areas_of_expertise":[],"news_and_recent_appearances":[],"phone":[],"contact":[{"value":"\u003Cp\u003EJP Popham\u003C\/p\u003E\r\n\r\n\u003Cp\u003ECommunications Officer\u003C\/p\u003E\r\n\r\n\u003Cp\u003ESchool of Cybersecurity \u0026amp; Privacy\u003C\/p\u003E\r\n\r\n\u003Cp\u003Ejohn.popham@cc.gatech.edu\u003C\/p\u003E\r\n","format":"limited_html"}],"email":[],"slides":[],"orientation":[],"userdata":""}}}