Archive for January 30, 2025

Thursday, January 30, 2025

SLAP and FLOP Side-Channel Attacks

Jason Kim et al. (Hacker News, MacRumors, Slashdot):

We present SLAP, a new speculative execution attack that arises from optimizing data dependencies, as opposed to control flow dependencies. More specifically, we show that Apple CPUs starting with the M2/A15 are equipped with a Load Address Predictor (LAP), which improves performance by guessing the next memory address the CPU will retrieve data from based on prior memory access patterns.

However, if the LAP guesses wrong, it causes the CPU to perform arbitrary computations on out-of-bounds data, which should never have been accessed to begin with, under speculative execution. Building on this observation, we demonstrate the real-world security risks of the LAP via an end-to-end attack on the Safari web browser where an unprivileged remote adversary can recover email content and browsing behavior.

[…]

We present FLOP, another speculative execution attack that results from recent Apple CPUs predicting the outcome of data dependencies. Here, we demonstrate that Apple's M3/A17 generation and newer CPUs are equipped with a Load Value Predictor (LVP). The LVP improves performance on data dependencies by guessing the data value that will be returned by the memory subsystem on the next access by the CPU core, before the value is actually available.

If the LVP guesses wrong, the CPU can perform arbitrary computations on incorrect data under speculative execution. This can cause critical checks in program logic for memory safety to be bypassed, opening attack surfaces for leaking secrets stored in memory. We demonstrate the LVP's dangers by orchestrating these attacks on both the Safari and Chrome web browsers in the form of arbitrary memory read primitives, recovering location history, calendar events, and credit card information.

omcnoe:

Their SLAP demo provides a great example of how defence-in-depth can make/break the viability of an exploit. That terrifying Safari demo is possible because Safari fails to isolate new windows in individual processes when calling window.open in js.

All the other side channel magic presented here doesn’t matter if the data you want to read is in a separate process with sufficient separation from the “hostile” process in the address space.

MikeHolman:

I worked on a browser team when Spectre/Meltdown came out, and I can tell you that a big reason why Firefox and Chrome do such severe process isolation is exactly because these speculative attacks are almost impossible to entirely prevent. There were a number of other mitigations including hardening code emitted from C++ compilers and JS JITs, as well as attempts to limit high precision timers, but the browser vendors largely agreed that the only strong defense was complete process isolation.

Of course, third-party iOS browsers are not allowed to innovate on security, except possibly in the EU.
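Both omcnoe and MikeHolman land on the same point: once the speculative primitive exists, what decides whether a cross-site window.open() pays off is whether the opened page shares an address space with the page that opened it. A site does not have to wait for the browser default to change; the Cross-Origin-Opener-Policy (COOP) header lets a document demand its own browsing context group, which engines that map groups to processes turn into a separate process. The script below is an added example of mine, not code from the post, the SLAP/FLOP paper or any browser vendor. It models the HTML spec's COOP matching check for the window.open() case (the popup starts as an initial about:blank and then navigates), with origins compared as plain strings and the header names and sample sites constructed for illustration; whether a particular engine puts a new browsing context group into a new OS process is an assumption to verify per browser, not something the spec guarantees.

```javascript
// Cross-Origin-Opener-Policy (COOP) group-switch check for window.open().
// Added example: models the spec's "matching COOP" rules so a site owner can
// see which header combinations keep a popup out of its opener's group.

// Case-insensitive header lookup over a plain object (constructed input).
function headerValue(headers, name) {
  const want = name.toLowerCase();
  for (const [k, v] of Object.entries(headers || {})) {
    if (k.toLowerCase() === want) return v;
  }
  return undefined;
}

// Parse a raw COOP header. Missing or unknown values fall back to the
// default 'unsafe-none', as the spec's parser does.
function parseCoop(raw) {
  if (typeof raw !== 'string') return 'unsafe-none';
  const token = raw.split(';')[0].trim().toLowerCase();
  return ['same-origin', 'same-origin-allow-popups'].includes(token) ? token : 'unsafe-none';
}

// Effective COOP value: 'same-origin' combined with a COEP of 'require-corp'
// or 'credentialless' becomes the internal 'same-origin-plus-coep' value.
function effectiveCoop(headers) {
  const coop = parseCoop(headerValue(headers, 'Cross-Origin-Opener-Policy'));
  const coep = (headerValue(headers, 'Cross-Origin-Embedder-Policy') || '').trim().toLowerCase();
  if (coop === 'same-origin' && (coep === 'require-corp' || coep === 'credentialless')) {
    return 'same-origin-plus-coep';
  }
  return coop;
}

// Spec: "match cross-origin opener policies".
function coopMatches(a, originA, b, originB) {
  if (a === 'unsafe-none' && b === 'unsafe-none') return true;
  if (a === 'unsafe-none' || b === 'unsafe-none') return false;
  return a === b && originA === originB;
}

// Spec: "check if COOP values require a browsing context group switch".
function requiresGroupSwitch({ isInitialAboutBlank, openerCoop, openerOrigin, responseCoop, responseOrigin }) {
  if (coopMatches(openerCoop, openerOrigin, responseCoop, responseOrigin)) return false;
  if (isInitialAboutBlank && openerCoop === 'same-origin-allow-popups' && responseCoop === 'unsafe-none') return false;
  return true;
}

// Simulate opener.window.open(target). The popup is an initial about:blank
// that then loads the target response, so isInitialAboutBlank is true.
// A group switch severs window.opener and, in engines that map groups to
// processes (assumption, verify per browser), moves the popup out of the
// opener's address space.
function simulateWindowOpen(opener, target) {
  const openerCoop = effectiveCoop(opener.headers);
  const responseCoop = effectiveCoop(target.headers);
  const switched = requiresGroupSwitch({
    isInitialAboutBlank: true,
    openerCoop, openerOrigin: opener.origin,
    responseCoop, responseOrigin: target.origin,
  });
  return { openerCoop, responseCoop, sharesGroupWithOpener: !switched };
}

// Constructed sample: an arbitrary page opens a webmail origin with and
// without COOP. Only the COOP-serving variant leaves the opener's group.
const OPENER = { origin: 'https://other.example', headers: {} };
const MAIL_PLAIN = { origin: 'https://mail.example', headers: {} };
const MAIL_ISOLATED = {
  origin: 'https://mail.example',
  headers: { 'Cross-Origin-Opener-Policy': 'same-origin', 'Cross-Origin-Embedder-Policy': 'require-corp' },
};

if (typeof require !== 'undefined' && require.main === module) {
  console.log('no COOP  :', simulateWindowOpen(OPENER, MAIL_PLAIN));
  console.log('with COOP:', simulateWindowOpen(OPENER, MAIL_ISOLATED));
}
```

Note the asymmetry the spec builds in: the opened site's own header is enough to force the split, so a target that serves COOP protects itself regardless of what the opener sends, while `same-origin-allow-popups` exists for sites that need to keep a handle on popups they open (OAuth flows, payment windows) without giving that up entirely.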

Bill Toulas:

Apple acknowledged the shared proof-of-concept and stated it plans to address the issues. However, at the time of writing, the flaws remain unmitigated.


Gulf of America

Todd Haselton (Hacker News):

Google said today that it plans to update Google Maps to reflect President Trump’s January 20th executive order to change the names of the Gulf of Mexico and Denali to the Gulf of America and Mount McKinley, respectively.

Eric Berger:

The order declared that, within 30 days, the Secretary of the Interior should take all appropriate actions to change the names of the prominent body of water and mountain. To do this, the database of name and location information published by the US Geological Survey, the Geographic Names Information System, should be updated accordingly. These files are revised on a bi-monthly basis.

“When that happens, we will update Google Maps in the US quickly to show Mount McKinley and Gulf of America,” the company said Monday.

Wesley Hilliard:

Apple has remained silent about the issue, but a change has been made, even if it is a small one. If users navigate to the Gulf of Mexico, it still shows the 400-year-old name plain as day.

However, if a user searches “Gulf of America,” the text over the Gulf changes to reflect the search result, but the information sheet shows data and photos about the Gulf of Mexico.

[…]

Google will change the name for United States users to Gulf of America. Users outside of the United States will see both names with one in parentheses, while people in Mexico will see only Gulf of Mexico.

Nick Heer:

However, it is pretty rich to think of Google as particularly concerned about the accuracy of names on its maps. It routinely invents names of neighbourhoods.

John Gruber:

Re-renaming Denali back to Mount McKinley seems like a no-brainer for the maps to comply with. A country names its own mountains. If Obama could rename it, Trump can re-rename it.

The Gulf of Mexico, though, is an international body of water, and its name wasn’t even debated until Trump started talking about it a few weeks ago. Google (and perhaps Apple) having a policy where they simply follow the naming conventions of the GNIS seems not merely sensible but utterly uncontroversial ... until now.

Adam Chandler:

In GIS, there are Places (POIs) and there are names but there are also historical names and local names. A lot of whatever streets in tiny towns around the world have dozens of alt names. As long as some newspaper or town or historian called it that at some point in history, mapping companies capture it and store it under the place ID.

[…]

Until the next administration rescinds the Executive Order, it’s not unusual for an American company to comply with a place name change but that name may only display in certain geographies and the old name will still work.

John Gruber:

These are mapping and metadata nerds approaching the dilemma in the very nerdiest of ways. I found it rather soothing, and also quite informative — particularly the posts from Minh Nguyễn, who seems to be an OpenStreetMap super user.


Repeating Calculator Operations

Juli Clover:

When you tap the equals sign twice, the app will now repeat the last mathematical operation.

[…]

Repeating operations were an option in the Calculator app prior to iOS 18, but iOS 18 removed the functionality.

I wonder what the story is here. This has been a standard feature of every physical calculator that I can remember. It’s not in System 1 or even System 7, though. Was it added with Mac OS X 10.0?
