Apple T2 Chip: Unfixable Security Flaw that Gives Attacker Full Control

2020-10-06 • SEND FEEDBACK |
Related: Apple, Apple Core Rot, Apple macOS, Apple T2 chip, security, USB, USB-C

If you have a castle with nuclear proof walls and a mile-deep moat... well, just fly a helicopter in, or wait till someone there does a DoorDash.

Or... let sloppy engineering do the work for you, as in this case—it’s a brain-dead screwup by Apple.

The vaunted Apple T2 chip on systems with an Intel process and Apple T2 chip apparently can be rooted with a relatively straightforward attack, child’s play for a state actor, and maybe for any good hacker. All you have to do is to get someone to plug in a USB-C cable or flash drive or whatever.

Crouching T2, Hidden Danger

Let’s talk about that thing nobody’s talking about. Let’s talk about a vulnerability that’s completely exposing your macOS devices while most are declining to act nor report about the matter. Oh, and did I mention it’s unpatchable?

...

Intel vs Silicon

This blog post only applies to macOS systems with an Intel processor and the embedded T2 security chip. Apple silicon systems will run completely on a set of Apple-designed ARM processors and thus will use a different topology based on e.g. the A12 chip. Since the A12 chip seems to have fixed this issue (to be confirmed), it’s highly likely the new Apple Silicon machines will not be vulnerable. And while the new upcoming Intel Macs at the end of year will probably receive a new hardware revision of the T2 chip (e.g. based on the A12), we are still stuck with this vulnerability on Macs between 2018 and 2020.

...

Debugging vulnerability

Apple left a debugging interface open in the T2 security chip shipping to customers, allowing anyone to enter Device Firmware Update (DFU) mode without authentication... Using this method, it is possible to create an USB-C cable that can automatically exploit your macOS device on boot. (!)

...

Once you have access on the T2, you have full root access and kernel execution privileges since the kernel is rewritten before execution. Good news is that if you are using FileVault2 as disk encryption, they do not have access to your data on disk immediately. They can however inject a keylogger in the T2 firmware since it manages keyboard access, storing your password for retrieval or transmitting it in the case of a malicious hardware attachment.

•  The functionality of locking an Apple device remotely (e.g. via MDM or FindMy) can be bypassed (Activation Lock).

•  A firmware password does not mitigate this issue since it requires keyboard access, and thus needs the T2 chip to run first.

•  Any kernel extension could be whitelisted since the T2 chip decides which one to load during boot.

•  If the attack is able to alter your hardware (or sneak in a malicious USB-C cable), it would be possible to achieve a semi-tethered exploit.

While this may not sound as frightening, be aware that this is a perfectly possible attack scenario for state actors. I have sources that say more news is on the way in the upcoming weeks. I quote: be afraid, be very afraid.

I’ve reached out to Apple concerning this issue on numerous occasions, even doing the dreaded cc tcook@apple.com to get some exposure. Since I did not receive a response for weeks, I did the same to numerous news websites that cover Apple, but no response there as well. In hope of raising more awareness (and an official response from Apple), I am hereby disclosing almost all of the details. You could argue I’m not following responsible disclosure, but since this issue has been known since 2019, I think it’s quite clear Apple is not planning on making a public statement and quietly developing a (hopefully) patched T2 in the newer Macs & Silicon.

...

MPG: why is Apple not commenting or responding?