Finding new vulnerabilities is part and parcel of a device’s lifecycle. Cybersecurity firms discover new holes in a device’s security regularly. Thankfully, a firm’s discovery quickly leads to a patch from the affected brand. A newly discovered one, however, is defying common practices. Apple has recently uncovered a hardware vulnerability that’s impossible to patch.

Recently, a team of researchers sprinkled throughout the United States brought the vulnerability to everyone’s attention. The potential exploit is present in Apple’s M-series, a recent lineup of chipsets for newer Macs.

The vulnerability works by exploiting a feature that complements the chipset’s memory called the data memory-dependent prefetcher (or DMP). The DMP can predict where a piece of code is based on previous behavior. It reduces the chipset’s latency, ensuring better performance.

Now, the exploit, which the researchers have named GoFetch, disguises itself as a “pointer,” which tells the DMP which data to fetch. GoFetch can effectively point at data it wants to steal, and the feature will hand the data over willingly.

In more practical terms, malicious parties can hide this exploit inside innocent-seeming apps. Though the exploit still needs a significant amount of time to work, it’s not impossible to trick users into having an illicit app open for an extended length of time.

The other catch is how impossible it is to patch. Because the exploit is a hardware-based vulnerability, Apple cannot patch it out without re-engineering the silicon. There are software-based patches; however, doing so will reportedly compromise the performance of the chipset. The team is still researching for the effects of other software patches.

At this point, the only way to protect against the vulnerability is the same piece of advice for all hacks: Be careful of what you install.

SEE ALSO: Apple M3 MacBook Air Review

According to Google, Filipino netizens had a higher interest in cybersecurity last year.

The Philippines ranked among the top in the world in keyword searches for the following terms:

• malinformation
• cybercrime
• phishing
• malware
• fraud
• scam
• one-time password
• password strength

The word “fraud” particularly reached a 13-year high in search volume. Meanwhile, searches for “scam” increased by 40% from 2022.

These keyword search trends are a reflection of the Filipino netizen’s better interest in internet safety practices.

To help more Filipinos maintain safe browsing online, here are eight tips from Google.

Install the latest OS, updates

Turn on auto-updates on your device and web browser. Don’t ignore warnings or notifications. It’s also crucial to run the latest updates for security enhancements and protection against new threats.

For Android device users, Google Play Protect should be automatically turned on to provide protection against malicious apps and more.

Use password manager

Google’s Password Manager is a free, built-in tool to help users create, store, and manage secure passwords for all accounts.

Aside from the convenience it gives, the service also analyzes saves passwords for weaknesses or if they’ve been exposed for breaches.

Secure accounts with passkeys

Speaking of passwords, Passkeys like fingerprints or face IDs provide an extra layer.

They can keep your accounts safe against phishing since they are stored on your device.

Run regular security checkups

Google Security Checkup is a simple tool within one’s Google Account that reviews and improves their online security.

This helps users identify and fix potential vulnerablities across digital properties from connected devices and third party apps.

Review your data settings

Run a deeper checkup to see whether your apps and accounts are above-board.

Make sure you’re not sharing any data, especially sensitive information. Look through each app and site as well to see if you agree with their terms and conditions, and settings.

Avoid suspicious links

Take a moment before clicking any online or SMS links. These are usually links that can steal your sensitive information.

If a link does not look legitimate, report them immediately and block the source.

Don’t give in to pressure

Scams and frauds, whether online, over the phone, or in person, rely on pressuring someone or getting them nervous and careless.

When you are rushed to make a decision and it feels unusual, take a moment to stop, think, and assess the situation. If you’re not allowed to pause, something is not right.

Check the facts

Before posting or sharing, verify information first. See if the information is from a trusted source. Using Google Search, check the way it is written or said, who shared it, and other details.

Over the years, Chrome’s Incognito Mode accumulated quite the reputation. For most users, the alternative browsing mode was a quick way to browse dubious websites away from prying eyes. However, the mode isn’t as incognito as the name implies, as evidenced by a lawsuit from years ago. Now, Google has caved in and admitted the shortcomings of Incognito Mode.

Back in 2020, Google faced a lawsuit against the purported security of Chrome’s Incognito Mode. The lawsuit alleges that the private mode still lets websites track a user’s data.

At the time, Google themselves confirmed that websites can do that. Now, almost four years after the lawsuit, the company has agreed to settle the US$ 5 billion lawsuit.

Now, Chrome is adding a new disclaimer (spotted via MSPowerUser) to hopefully keep users from expecting complete privacy while using Incognito Mode. Besides alerting users that the device still saves downloads and bookmarks, the disclaimer that shows up whenever Incognito Mode is opened now also reads: “This won’t change how data is collected by websites you visit and the services they use, including Google.”

Unfortunately, the disclaimer isn’t meant to change how websites process your data. It’s just a way to reduce Google’s liability whenever someone complains about the security of their data.

Now, if you’re looking for a more secure way to browse the internet, other methods will serve your purposes more. For example, VPNs and Tor offer more anonymity online. Some browsers — Brave, for instance — offer those services built into the software already.

SEE ALSO: Google sued for tracking Chrome users in Incognito Mode