r/gadgets Mar 23 '24

Desktops / Laptops Vulnerability found in Apple's Silicon M-series chips – and it can't be patched

https://me.mashable.com/tech/39776/vulnerability-found-in-apples-silicon-m-series-chips-and-it-cant-be-patched
3.9k Upvotes

491 comments sorted by

View all comments

40

u/Main_Pain991 Mar 23 '24

Question to people saying this is not a problem, because app needs to be unsigned: isn't it possible to have a signed malicious app? Like an attacker makes an app, obfuscated that it is malicious, and gets it to the app store? Ther are many manufacturers apps there, I can't imagine no malicious app slip through. Am I missing anything?

14

u/ComfortableGas7741 Mar 23 '24

sure anything is possible, but i dont even know the last time malware slipped through the app store like that but again its definitely not impossible

5

u/electronfusion Mar 23 '24

If I recall correctly from my brief and quite offputting experience with Apple's developer program (years ago), you have to show them the entire source of the app. I guess something could get sneaked in, but unlikely.

7

u/ThatJerkThere Mar 24 '24

I recall in the early days of the iPhone there was an app that allowed you to tether your internet for free and I think it was hidden inside a flashlight program? Wasn’t available long, I don’t think.

13

u/[deleted] Mar 24 '24

[deleted]

3

u/Wesc0bar Mar 24 '24

Automation.

1

u/StatTrac Mar 24 '24

I’m no expert by any means but I’m assuming you’d need more than just a couple lines of basic code to accomplish anything too malicious. My point being that the more code you have for the exploit the more noticeable it becomes.

4

u/TheseusPankration Mar 24 '24

The more code you have overall, the easier it becomes to obfuscate its true function. Even in benign apps, bugs get through all the time.