bitcoin
bitcoin

$72292.68 USD 

0.14%

ethereum
ethereum

$2631.27 USD 

-1.44%

tether
tether

$0.999891 USD 

0.04%

bnb
bnb

$584.91 USD 

-2.33%

solana
solana

$174.98 USD 

-0.51%

usd-coin
usd-coin

$1.00 USD 

0.03%

xrp
xrp

$0.518680 USD 

-0.59%

dogecoin
dogecoin

$0.171098 USD 

1.88%

tron
tron

$0.170227 USD 

1.45%

cardano
cardano

$0.358563 USD 

1.60%

toncoin
toncoin

$4.93 USD 

-1.80%

shiba-inu
shiba-inu

$0.000019 USD 

0.55%

avalanche
avalanche

$25.70 USD 

-1.99%

chainlink
chainlink

$12.03 USD 

0.13%

bitcoin-cash
bitcoin-cash

$375.65 USD 

1.65%

加密貨幣新聞文章

蘋果 M 系列晶片漏洞:加密資產面臨風險

2024/03/24 06:53

Apple 為其最新設備提供支援的 M1、M2 和 M3 系列晶片中新發現的漏洞使用戶面臨潛在的加密盜竊風險。 「GoFetch」漏洞允許攻擊者操縱 CPU 竊取加密金鑰,這對於 Apple 裝置上的資料隱私和軟體加密錢包至關重要。該漏洞針對擁有大量加密貨幣的高價值目標,並對網頁瀏覽器加密和 MetaMask 等應用程式構成重大威脅。蘋果已經承認了該漏洞,但其回應因未提供完整修復而受到批評。建議用戶,尤其是持有大量加密貨幣的用戶保持警惕,並採取適當措施保護其數位資產。

蘋果 M 系列晶片漏洞:加密資產面臨風險

A Critical Vulnerability in Apple's M-Series Chips: Are Your Crypto Assets at Risk?

蘋果 M 系列晶片中的一個嚴重漏洞:您的加密資產是否面臨風險?

Recent revelations have brought to light a concerning vulnerability in Apple's M1, M2, and M3 series chips, which power their latest devices. This flaw poses a significant threat to users' cryptographic keys, leaving their data privacy and cryptocurrency holdings exposed to potential theft.

最近的爆料揭露了蘋果 M1、M2 和 M3 系列晶片中的一個令人擔憂的漏洞,這些晶片為其最新設備提供動力。這項缺陷對用戶的加密金鑰構成了重大威脅,使他們的資料隱私和加密貨幣資產面臨潛在的盜竊風險。

What Does the "GoFetch" Exploit Mean for You?

「GoFetch」漏洞對您意味著什麼?

The "GoFetch" exploit, meticulously documented by researchers from esteemed institutions like the University of Illinois Urbana-Champaign and the University of Washington, leverages Data Memory-Dependent Prefetchers (DMPs) within the chips to access the CPU cache. By monitoring the subtle side effects of secret-dependent cache accesses, attackers can surreptitiously infer a victim program's sensitive data, even if the attacker and victim share no common memory.

來自伊利諾大學香檳分校和華盛頓大學等知名機構的研究人員詳細記錄了「GoFetch」漏洞利用晶片內的資料記憶體相關預取器 (DMP) 來存取 CPU 快取。透過監視依賴秘密的快取存取的微妙副作用,即使攻擊者和受害者不共享公共內存,攻擊者也可以秘密推斷受害者程式的敏感數據。

Apple's Response: Mitigation or Shortcomings?

蘋果的回應:緩解措施還是缺陷?

Apple has acknowledged the researchers' findings and issued a developer post outlining a potential mitigation strategy. However, this workaround may introduce performance penalties as it requires assuming worst-case processing speeds to prevent cache invocation. The responsibility for implementing these changes lies with MacOS software developers, not the users themselves.

蘋果已經承認了研究人員的發現,並發布了一篇開發者帖子,概述了潛在的緩解策略。但是,此解決方法可能會帶來效能損失,因為它需要假設最壞情況的處理速度以防止快取呼叫。實施這些變更的責任在於 MacOS 軟體開發人員,而不是使用者本身。

Experts' Concerns: A Patch in Time Not Given?

專家的擔憂:補丁沒有及時發布?

Despite Apple's response, some experts have expressed concerns about its adequacy. Journalist Kim Zetter highlights that Apple implemented a fix for the vulnerability in its October-released M3 chips but failed to promptly inform developers, hindering their ability to enable the patch. Consequently, the onus now falls on wallet providers like MetaMask and Phantom to implement their own patches to safeguard against the exploit.

儘管蘋果公司做出了回應,但一些專家仍對其充分性表示擔憂。記者 Kim Zetter 強調,蘋果在 10 月發布的 M3 晶片中修復了該漏洞,但未能及時通知開發人員,阻礙了他們啟用該修補程式的能力。因此,MetaMask 和 Phantom 等錢包提供者現在有責任實施自己的修補程式來防範漏洞。

A Reminder: No System Is Impervious

提醒:沒有一個系統是堅不可摧的

Apple devices have traditionally enjoyed a reputation for security due to the inherent design of MacOS and iOS. However, a separate report from cybersecurity firm Kaspersky in January underscores the growing threat of malware targeting both Intel and Apple Silicon devices. Specifically, the malware targeted Exodus wallet users, duping them into downloading a malicious software version.

由於 MacOS 和 iOS 的固有設計,Apple 裝置傳統上享有安全聲譽。然而,網路安全公司卡巴斯基一月份的另一份報告強調了針對英特爾和蘋果晶片設備的惡意軟體威脅日益增長。具體來說,該惡意軟體針對 Exodus 錢包用戶,誘騙他們下載惡意軟體版本。

Cloudbet: A Secure Haven for Aviator Gaming and More

Cloudbet:飛行員遊戲等的安全天堂

Cloudbet, a leading Aviator casino established in 2013, boasts an impressive track record in online gaming and e-sports betting. With over 100,000 users, it prioritizes security by storing customer funds in cold storage. Its user-friendly interface and diverse game collection, including slots, table games, and virtual games, cater to a wide range of preferences. Players can utilize multiple currencies or opt for 'free play' to explore games without financial risk.

Cloudbet 是一家領先的 Aviator 賭場,成立於 2013 年,在線上遊戲和電競博彩方面擁有令人印象深刻的記錄。它擁有超過 100,000 名用戶,透過將客戶資金儲存在冷庫中來優先考慮安全性。其友善的使用者介面和多樣化的遊戲系列,包括老虎機、桌上遊戲和虛擬遊戲,滿足了廣泛的喜好。玩家可以使用多種貨幣或選擇「免費遊戲」來探索遊戲,而無需承擔財務風險。

Conclusion: Vigilance and Proactive Measures

結論:保持警覺並採取積極措施

While Apple devices are generally regarded as secure, the newly discovered vulnerability in their latest chips serves as a sobering reminder that no system is immune to threats. Users, particularly those with substantial cryptocurrency holdings, should exercise vigilance and stay abreast of any developments or patches to safeguard their digital assets.

雖然蘋果設備通常被認為是安全的,但其最新晶片中新發現的漏洞清醒地提醒我們,沒有任何系統能夠免受威脅。用戶,特別是那些持有大量加密貨幣的用戶,應保持警惕並及時了解任何進展或補丁,以保護其數位資產。

免責聲明:info@kdj.com

所提供的資訊並非交易建議。 kDJ.com對任何基於本文提供的資訊進行的投資不承擔任何責任。加密貨幣波動性較大,建議您充分研究後謹慎投資!

如果您認為本網站使用的內容侵犯了您的版權,請立即聯絡我們(info@kdj.com),我們將及時刪除。

2024年10月31日 其他文章發表於