T2 Chip Broken, Unfixable

The “fabulous” T2 security chip in recent Macs is, apparently, unrepairably flawed. This is particularly irksome given the recent spate of issues related to downgrading from Catalina.

No need to panic though.
From the article:

  • an attacker would need physical access to target devices
  • the compromise isn’t “persistent”; it ends when the T2 chip is rebooted
  • the jailbreak doesn’t give an attacker instant access to a target’s encrypted data

“There are plenty of other vulnerabilities, including remote ones that undoubtedly have more impact on security,” a Checkra1n team member tweeted on Tuesday.

4 Likes

Yes, I read that too and, really, if a determined individual has your machine, all bets are off. That’s nothing new.

This, however, points out some of the added complications we’re putting up with because of the T2.

Yep. Power failures while installing firmware are a bad situation for nearly all devices. I imagine it would be a pain when installing firmware and/or macOS on a non-T2 Mac as well.

I would like to know what it means to “reboot” the T2. That word does not tend to imply a process as invasive as restoring the T2 to Apple’s default configuration, something the article asserts is necessary and which would require a complete reinstall of the OS and data.

As things stand, I’m much, much happier to have a T2 in my Macs than not. That may change, of course.

Unfortunately the state of technology is so complex that it takes much longer than anticipated to get something in a final state.

I have worked in the semiconductor industry for decades, and the chip designers ALWAYS state that first silicon will work. I plan my schedule counting on it not to work, and first silicon NEVER works, but I must always do this designer dance.

The reason is that now, with the reduction in geometries, there are literally billions of transistors. My job as a test engineer was supposed to be obsoleted decades ago, as BIST (Built-in Self-Test) was supposed to render testing obsolete.

Well, like the empty drawer at home or the hard disk, it is always filled up, and despite having billions of transistors, the designers use this for additional functionality and BIST does not get invited to the party.

So billions of transistors, coupled with millions of variations of users, along with hackers who have nothing better to do than try to exploit flaws, lead to situations where it just takes longer to weed out all possible variations.

I am sure that these holes will be plugged in the next design upgrade of the T2.

I often wondered why companies do not employ these hackers, so I did some research and, as you might imagine, hackers tend not to be model employees. :joy:

So instead I see many companies go to a bounty system and offer rewards for any person finding bugs or holes in security. It seems like a good compromise.

Unfortunately, Apple always maintains this air of secrecy.

Interesting info on the T2, including its operating system.