626
submitted 8 months ago by mox@lemmy.sdf.org to c/technology@lemmy.world

The attack has been dubbed GoFetch: https://gofetch.fail/

you are viewing a single comment's thread
view the rest of the comments
[-] TechNerdWizard42@lemmy.world -3 points 8 months ago

The more probable answer is that the NSA asked for the backdoor to be left in. They do all the time, it's public knowledge at this point. AMD and Intel chips have the requisite backdoors by design, and so does Apple. The Chinese and Russian designed chips using the same architecture models, do not. Hmmmm... They have other backdoors of course.

It's all about security theatre for the public but decrypted data for large organizational consumption.

[-] Spedwell@lemmy.world 6 points 8 months ago

I don't believe that explanation is more probable. If the NSA had the power to compell Apple to place a backdoor in their chip, it would probably be a proper backdoor. It wouldn't be a side channel in the cache that is exploitable only in specific conditions.

The exploit page mentions that the Intel DMP is robust because it is more selective. So this is likely just a simple design error of making the system a little too trigger-happy.

[-] TechNerdWizard42@lemmy.world 2 points 8 months ago

They do have the power and they do compel US companies to do exactly this. When discovered publicly they usually limit it to the first level of the "vulnerability" until more is discovered later.

It is not conjecture, there is leaked documents that prove it. And anyone who works in semiconductor design (cough cough) is very much aware.

this post was submitted on 22 Mar 2024
626 points (98.9% liked)

Technology

59648 readers
1516 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS