All Posts by Date or last 15, 30, 90 or 180 days.
also by Lloyd: diglloyd.com photography and WindInMyFace.com

Thank you for buying via links and ads on this site,
which earn me advertising fees or commissions.
As an Amazon Associate I earn from qualifying purchases.

Other World Computing...
B&H Photo...
Amazon
As an Amazon Associate I earn from qualifying purchases.
Upgrade the memory of your 2018 Mac mini up to 64GB
877-865-7002
Today’s Deal Zone Items... Handpicked deals...
$3049 $2399
SAVE $650

$3508 $2998
SAVE $510

$998 $848
SAVE $150

$3999 $2998
SAVE $1001

$2299 $1799
SAVE $500

$1597 $1297
SAVE $300

$80 $33
SAVE $46

$2299 $1799
SAVE $500

$1898 $1498
SAVE $400

$2799 $2299
SAVE $500

$2299 $1799
SAVE $500

$600 $400
SAVE $200

$240 $175
SAVE $65

$699 $499
SAVE $200

$270 $270
SAVE $click

$1599 $1398
SAVE $201

$2027 $1597
SAVE $430

$1699 $999
SAVE $700

$180 $100
SAVE $80

$1199 $1099
SAVE $100

$1199 $1099
SAVE $100

$999 $949
SAVE $50

$270 $270
SAVE $click

$1699 $999
SAVE $700

Apple T2 Chip: Unfixable Security Flaw that Gives Attacker Full Control

If you have a castle with nuclear proof walls and a mile-deep moat... well, just fly a helicopter in, or wait till someone there does a DoorDash.

Or... let sloppy engineering do the work for you, as in this case—it’s a brain-dead screwup by Apple.

The vaunted Apple T2 chip on systems with an Intel process and Apple T2 chip apparently can be rooted with a relatively straightforward attack, child’s play for a state actor, and maybe for any good hacker. All you have to do is to get someone to plug in a USB-C cable or flash drive or whatever.

Crouching T2, Hidden Danger

Let’s talk about that thing nobody’s talking about. Let’s talk about a vulnerability that’s completely exposing your macOS devices while most are declining to act nor report about the matter. Oh, and did I mention it’s unpatchable?

...

Intel vs Silicon

This blog post only applies to macOS systems with an Intel processor and the embedded T2 security chip. Apple silicon systems will run completely on a set of Apple-designed ARM processors and thus will use a different topology based on e.g. the A12 chip. Since the A12 chip seems to have fixed this issue (to be confirmed), it’s highly likely the new Apple Silicon machines will not be vulnerable. And while the new upcoming Intel Macs at the end of year will probably receive a new hardware revision of the T2 chip (e.g. based on the A12), we are still stuck with this vulnerability on Macs between 2018 and 2020.

...

Debugging vulnerability

Apple left a debugging interface open in the T2 security chip shipping to customers, allowing anyone to enter Device Firmware Update (DFU) mode without authentication... Using this method, it is possible to create an USB-C cable that can automatically exploit your macOS device on boot(!)

...

Once you have access on the T2, you have full root access and kernel execution privileges since the kernel is rewritten before execution. Good news is that if you are using FileVault2 as disk encryption, they do not have access to your data on disk immediately. They can however inject a keylogger in the T2 firmware since it manages keyboard access, storing your password for retrieval or transmitting it in the case of a malicious hardware attachment.

•  The functionality of locking an Apple device remotely (e.g. via MDM or FindMy) can be bypassed (Activation Lock).

•  A firmware password does not mitigate this issue since it requires keyboard access, and thus needs the T2 chip to run first.

•  Any kernel extension could be whitelisted since the T2 chip decides which one to load during boot.

•  If the attack is able to alter your hardware (or sneak in a malicious USB-C cable), it would be possible to achieve a semi-tethered exploit.

While this may not sound as frightening, be aware that this is a perfectly possible attack scenario for state actors. I have sources that say more news is on the way in the upcoming weeks. I quote: be afraid, be very afraid.

I’ve reached out to Apple concerning this issue on numerous occasions, even doing the dreaded cc tcook@apple.com to get some exposure. Since I did not receive a response for weeks, I did the same to numerous news websites that cover Apple, but no response there as well. In hope of raising more awareness (and an official response from Apple), I am hereby disclosing almost all of the details. You could argue I’m not following responsible disclosure, but since this issue has been known since 2019, I think it’s quite clear Apple is not planning on making a public statement and quietly developing a (hopefully) patched T2 in the newer Macs & Silicon.

...

MPG: why is Apple not commenting or responding?


OWC Thunderblade Thunderbolt 3 SSD

Blazing fast, up to 16TB.

YEE HAH!



√ No more slow and noisy hard drives!
OWC Accelsior 4M2 PCIe SSD
6000 MB/sec!
Mac or PC.


Ideal for Lightroom, Photoshop, video.
Capacity up to 16TB!

Deals Updated Daily at B&H Photo

diglloyd.com | Terms of Use | PRIVACY POLICY
Contact | About Lloyd Chambers | Consulting | Photo Tours
Mailing Lists | RSS Feeds | Twitter
Copyright © 2020 diglloyd Inc, all rights reserved.
Display info: __RETINA_INFO_STATUS__