This was forwarded to me today. It would be great to get a comment from the II team about if people need to remove Mac based II keys.
And perhaps from plug and other web wallets as to the relevance here as well.
This is a lab based exploit at the moment and likely not an eminent threat.
Looking deeper into this I found that surprisingly Intel 13th and 14th Gen (Raptor Lake architecture) CPU’s don’t have this vulnerability though they share the same prefetcher as Apple’s M chips.
I’m also looking for this information.
I found some more info.
Here’s the full description of the hack and how it works from the guys that found it:
TLDR unless you download stuff or access webpages you should be fine knowing you spent a lot of money on shitty hardware. Am I right ?>
This is a serious threat… why does anybody in dfinity address it?
I don’t think it is quite that serious at the moment as it has only be done in a lab under some pretty controlled circumstances and the thing need lots of crypto operations to work. I’m pretty sure they are doing analysis on it and will say something when they know what to say.