Source URL: https://www.theregister.com/2025/01/29/flop_and_slap_attacks_apple_silicon/
Source: The Register
Title: SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac Silicon
Feedly Summary: It’s another cousin of Spectre, here to read your email, browsing history, and more
Many recent Apple laptops, desktops, tablets, and phones powered by Cupertino’s homegrown Silicon processors can be exploited to reveal email content, browsing behavior, and other sensitive data through two newly identified side-channel attacks on Chrome and Safari.…
AI Summary and Description: Yes
**Summary:** The text discusses two newly discovered speculative-execution side-channel attacks—SLAP and FLOP—targeting Apple’s custom Silicon processors. These attacks exploit vulnerabilities in browser security (Chrome and Safari) to potentially extract sensitive user data. The significance of this research lies in its implications for privacy and security, especially in the context of increasing reliance on cloud and browser-based applications.
**Detailed Description:**
The text centers on two significant vulnerabilities affecting Apple devices (laptops, desktops, tablets, and phones) powered by its Silicon processors. Security researchers identified these vulnerabilities as SLAP and FLOP, which could allow unauthorized access to sensitive user information, including emails and browsing behavior, via malicious webpages.
– **Attack Methodology**:
  – **SLAP**: This attack exploits the Load Address Predictor (LAP) in processors like the M2 and A15. By manipulating the LAP, an attacker can access memory data across different browser tabs, effectively enabling one webpage to load and read data from another. One demonstration involved hijacking Gmail's inbox to expose its data.
  – **FLOP**: This attack targets the newer Load Value Prediction (LVP) feature in processors like the M3 and A17. The LVP can mispredict the data values returned from memory, which exposes it to type confusion attacks and lets attackers extract sensitive data (like location history from Google Maps) across browser sessions.
– **Implications for Security**:
  – These attacks showcase inherent risks in the speculative execution techniques used by modern CPUs: even discarded computations can leave observable side effects, which malicious entities can exploit.
  – The absence of Site Isolation in Safari and specific vulnerabilities in Chrome make both browsers susceptible, underscoring the need for improved browser security measures.
– **Potential Mitigations**:
  – The researchers suggest several mitigations, including using the Data Independent Timing (DIT) bit in processors and implementing Site Isolation features in web browsers. Though mitigations exist, they may come with performance trade-offs (e.g., a 4.5% slowdown on Safari).
– **Broader Context**:
  – This development underlines a critical challenge in maintaining security and privacy in cloud-dependent infrastructures and browser-based applications. The findings call for immediate attention from security professionals, developers, and hardware manufacturers to enhance defenses against emerging threats.
The potential for these vulnerabilities to compromise sensitive information significantly impacts compliance and security protocols. Security professionals must stay vigilant regarding the implications of speculative execution attacks and their relationship with data governance and privacy laws, reinforcing the necessity for robust threat mitigation strategies in emerging technologies.