After the security scandals Specter and Meltdown, not as if Intel was in a position comfortable enough to embark on another such polemic. But this is exactly what happened: researchers reported yet another bug without correction in the company's processors produced in the last five years, a vulnerability that puts at risk, including cryptography like the FileVault.
The flaw requires a potential attacker to be in possession of the computer in question, and, with the right technique, allows it to have access to the machine's data even if it is encrypted with any type of standard. The whole thing, of course, has a very technical explanation, you can read all the details in the original article of The Register that involves access keys and the system Converged Security and Management Engine (CSME), which allows the company's chips to interact with the security mechanisms of machines and operating systems.
Basically speaking, the CSME is unprotected for a brief period of time when the computer starts up long enough for a potential attacker to extract the cryptographic key from security protocols and thereby execute commands in the operating system, gaining access to your data even if you protect it your computer with password and encryption.
The researchers did not even have to go very deep to discover the flaw: it was enough to read the documentation detailing the initialization process for Intel chips to see that there was something wrong there; then he went to do the tests. The chip giant was notified in October 2019, but now the vulnerability has only been disclosed to the general public.
The most worrying part is that, because it is a fault present in Intel's own chip circuits, it is not possible to correct it with a patch security or something the only precaution is to pray that your computer does not fall into the hands of a group of international-level crackers with lots of willingness to read your emails. In fact, this is Intel's official recommendation: "Maintain physical possession of your machines". _ () _ /
The least worrying side is that, at least in the Mac world, part of the users need not worry: the failure does not reach Apple computers equipped with the chips T1 or T2, because these components are activated before the processor itself to deal with machine security issues. As the vulnerability only affects Intel processors from five years ago, and Ma has had its security chips equipped with Macs since 2016, several models will be included in the controversy.
Another important piece of information that Intel has already tried to correct the problem in its most recent designs: the company's 10 generation processors, from the family "Ice Lake", no longer suffer from this vulnerability.
Either way, the warning is recorded. Let us not let our guard down, after all.