George Zhang pfp
George Zhang
@odysseustz
Since this is going viral, here is some important TLDR: 1. No it does not impact your secure enclave. Only cryptographic operations carried out in CPU are vulnerable. Which ones use secure enclave? anything that requires you to use TouchID, or take your fingerprint. https://t.co/yjQTogcIzk
1 reply
1 recast
3 reactions

George Zhang pfp
George Zhang
@odysseustz
2. The attackers still need to install a malicious software on your Macbook to monitor system level change like cache miss and hit from DMP mechanism. If they already have something like that in your Macbook, you are kinda fucked already...
1 reply
0 recast
2 reactions

George Zhang pfp
George Zhang
@odysseustz
3. It is not the type of "click one button and your key is mine" thing. The attacker needs like an hour in the case of least demanding key to constantly perform cryptographic operation to get the key out.
1 reply
0 recast
3 reactions