Intel has disclosed vulnerabilities called Microarchitectural Data
Sampling (MDS) that apply to desktop and notebook computers with
Intel CPUs, including all modern Mac computers.
Although there are no known exploits affecting customers at the
time of this writing, customers who believe their computer is at
heightened risk of attack can use the Terminal app to enable an
additional CPU instruction and disable hyper-threading
processing technology, which provides full protection from these
This option is available for macOS Mojave, High Sierra and Sierra
and may have a significant impact on the performance of your
computer. […] Testing conducted by Apple in May 2019 showed as
much as a 40 percent reduction in performance with tests that
include multithreaded workloads and public benchmarks.
It’s good that there are no known exploits using these techniques, but even if there were, the overwhelming majority of Mac users — almost everyone — would not need to enable this mitigation. These MDS vulnerabilities enable malware on your computer to do bad things. But these vulnerabilities are not ways for malware to get onto your computer.
Once you have malware on your computer, the game is over. I’m not saying these MDS vulnerabilities aren’t a problem — they obviously are, because they make malware potentially more dangerous. But the game is keeping malware off your computers in the first place.
(Also worth noting: these particular vulnerabilities don’t affect iPhones, iPads, Apple Watches, or the vast majority of Android devices because ARM chips don’t have these vulnerabilities. Only Intel chips. We’re running out of reasons for Apple not to switch the entire Mac platform to ARM.)
(Bonus parenthetical: It’s possible that there are similar vulnerabilities in ARM chips too, but if there are, none have been publicly disclosed yet.)
★ Wednesday, 15 May 2019