EP - 82

Securing Yourself: Lessons from the Apple Security Breach

with

Ian Rogers & Charles Guillemet
CXO & CTO

Mar 26, 2024

In this special episode, recorded following the breaking news of an “unpatchable” vulnerability in Apple’s M-series chips, Ledger’s Chief Experience Officer Ian Rogers and CTO Charles Guillemet dive deep into the world of side-channel attacks. They discuss what this revelation means for your security, why it was predictable, and how it highlights the fundamental trade-offs between performance and protection in modern computing.

“What we ask our phones to do is sort of like if I asked you to protect a billion dollars’ worth of gold bars in a building where I was also going to build a shopping mall and a kindergarten, and a nightclub.” – Ian Rogers

Key Highlights:

A Flaw in the Silicon: Understanding the “GoFetch” Attack

A group of researchers discovered a new, unpatchable vulnerability in Apple’s M-series chips, the processors that power the latest iPhones, iPads, and Mac computers. The attack, dubbed “GoFetch,” is a side-channel attack, meaning it doesn’t target the cryptographic math itself, but rather the physical side effects of the chip performing an operation.

Charles explains it with a powerful analogy: imagine trying to crack a physical safe. Instead of trying to brute-force the combination, you listen carefully to the subtle clicking sounds the lock makes as the dial turns. Each number makes a slightly different sound, and by analyzing those sounds, you can figure out the correct combination. The GoFetch attack works similarly, observing the chip’s internal data-dependent behaviors to infer secret cryptographic keys. Because this vulnerability is baked into the physical hardware design, it cannot be fixed with a simple software patch.
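The safe-cracking analogy comes down to one thing: work that varies with the secret can be observed. As an added illustration (not code from the episode or from Ledger), the C below models that leak with an early-exit byte comparison whose step count reveals how much of a guess was right, next to the constant-time form that does the same work for every input; the secret, guess and step counter are constructed for the demo.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* A comparison's answer plus the work it did. The step count stands in for
 * what a side channel measures (time, cache state, prefetcher activity). */
typedef struct { int equal; size_t steps; } cmp_result;

/* Early-exit comparison: stops at the first mismatching byte, so the step
 * count reveals how many leading bytes of the guess were right. */
cmp_result leaky_compare(const uint8_t *secret, const uint8_t *guess, size_t n)
{
    cmp_result r = { 0, 0 };
    for (size_t i = 0; i < n; i++) {
        r.steps++;
        if (secret[i] != guess[i])
            return r;          /* data-dependent behaviour: work stops here */
    }
    r.equal = 1;
    return r;
}

/* Constant-time comparison: touches every byte and never branches on secret
 * data, so every guess costs the same. Giving up the early exit is the kind
 * of performance price software mitigations pay. */
cmp_result ct_compare(const uint8_t *secret, const uint8_t *guess, size_t n)
{
    cmp_result r = { 0, 0 };
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++) {
        r.steps++;
        diff |= secret[i] ^ guess[i];
    }
    r.equal = (diff == 0);
    return r;
}

/* Constructed sample values, not taken from the episode. */
static const uint8_t SECRET[] = "s3cr3t";
static const uint8_t GUESS[]  = "s3xxxx";

int main(void)
{
    cmp_result a = leaky_compare(SECRET, GUESS, 6);
    cmp_result b = ct_compare(SECRET, GUESS, 6);
    printf("early-exit: %zu steps (first %zu bytes matched); constant-time: %zu steps\n",
           a.steps, a.steps - 1, b.steps);
    return 0;
}
```

The step count is a software stand-in; on real silicon the observable is timing or cache and prefetcher state, which is why a hardware-level leak like the one discussed cannot be closed by patching a single routine.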

The Apple Paradox: Technical Marvel Meets Security Reality

Ian’s perspective on the M1 chip is particularly insightful. Having worked at Apple previously, he recognizes the M1 as one of the most impressive technical achievements in recent years—a project that began in 2007 and culminated in Apple’s bold move away from x86 architecture to ARM-based processors. The performance gains and power efficiency are undeniable, but this success story illustrates the fundamental trade-offs in chip design. Specifically, to make chips faster, designers build in predictive features that anticipate the next step in a process. The GoFetch attack cleverly exploits these very features to steal secrets.

“I’m absolutely not surprised because again, this type of chip has been designed for performance and not for security. And if you want to have performance and security at the same time, it’s not really possible. You have to choose between the two.” – Charles Guillemet.

The Cat and Mouse Game: Unpatchable but Mitigatable

While the vulnerability is described as “unpatchable” because it exists at the hardware level, Charles explains that mitigation is possible—but at a severe cost. Similar to the Spectre and Meltdown vulnerabilities that affected x86 chips, software-level mitigations will significantly degrade performance. This creates an ongoing cat-and-mouse game where each mitigation leads to new attack variations, requiring further performance-degrading patches.

Over the past five years, researchers have discovered 9-10 different variations of Spectre and Meltdown attacks, each requiring new mitigations. The GoFetch vulnerability promises to follow the same pattern, with no real way to provide strong security guarantees on general-purpose processors.

The Broader Security Implications

This vulnerability affects far more than crypto wallets. Any application performing cryptographic operations on M1 chips is potentially vulnerable:

  • Web browsing: HTTPS connections could be compromised, allowing attackers to intercept or modify secure communications
  • Authentication: Login credentials and session tokens could be stolen
  • Banking applications: Financial transactions could be monitored or manipulated
  • Software wallets: Private keys could be extracted without requiring malware installation

The attack can even be executed from userland applications, meaning attackers don’t need elevated privileges—a malicious website could potentially exploit this vulnerability.

Why Dedicated Security Hardware Matters

This revelation reinforces Ledger’s core philosophy: that securing valuable digital assets requires specialized hardware designed specifically for security, not performance. Charles outlines the three essential components for true crypto security:

  1. Secure Element: Private keys must be generated and stored in a dedicated security chip
  2. Key Isolation: Keys must never leave the secure environment during operations
  3. Trusted Display: Users must approve transactions on a secure screen that cannot be compromised

“Having a dedicated device with a dedicated enclave with the secrets inside and a dedicated screen that explains what you’re about to consent to—for me, this is the only way to have guarantees.” – Charles Guillemet.

