Apple’s Silicon Woes: New SLAP and FLOP Attacks Crash the Party

Security researchers have uncovered SLAP and FLOP, two side-channel attacks targeting Apple silicon chips. By exploiting speculative execution, these attacks could reveal sensitive data from browsers like Safari and Chrome. While Apple has been informed, the vulnerabilities could potentially expose user emails, browsing history, and even credit card information. Watch out for SLAP and FLOP!

3P
Published: January 29, 2025 11:53 amAdded: January 29, 2025 at 4:20 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Apple’s silicon chips might be sleek and powerful, but it looks like they’re also prone to a little CPU gossip. These new side-channel attacks, SLAP and FLOP, are the tech equivalent of catching your chip red-handed snooping through your emails and calendar events. Time for Apple to batten down the hatches and stop their processors from moonlighting as secret agents!

Key Points:

  • Researchers uncovered two new side-channel attacks on Apple silicon, namely SLAP and FLOP.
  • SLAP targets the Load Address Predictor, while FLOP attacks the Load Value Predictor.
  • These attacks exploit speculative execution to access sensitive data from web browsers like Safari and Chrome.
  • The vulnerabilities could allow attackers to recover emails, browsing history, and even credit card information.
  • These findings add to a growing list of speculative execution-based vulnerabilities, like Spectre and iLeakage.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?