Get rid of threats
While Apple’s T2 security chip mainly appears to help Jobs’ Mob control his walled garden of delights, it’s apparently not very good at security.
A recently released tool allows anyone to use a bug in the chip to bypass it and gain access to the system.The flaw is a loophole that researchers have been using for over a year to jailbreak older models of iPhones, but it does. that the T2 chip is vulnerable in the same way creates a whole new host of potential threats.
And what’s bad for Apple is that the flaw is ultimately irreversible in all Macs that have a T2 under the hood. The flaw lies in a low-level and non-modifiable code for the hardware.
Apple added T2 as a trust mechanism to secure high-value features like encrypted data storage, Touch ID and Activation Lock, which works with Apple’s “Find My” services.
The T2 is supposed to be that secure little black box in Macs – a computer inside your computer, handling tasks like enforcing lost mode, checking integrity, and other privileged tasks.
Will Strafach, longtime iOS researcher and creator of the Guardian Firewall app for iOS, said the significance was that this chip was supposed to be harder to compromise – but now it’s done.
The vulnerability, known as Checkm8, has been exploited in mobile chipsets from Apple A5 to A11 (2011 to 2017). Now Checkra1n, the same group that developed the tool for iOS, has released support for T2 bypass.
On Mac, jailbreak allows researchers to probe the T2 chip and explore its security features. It can even be used to commit Apple heresy, like putting Linux on the T2 or playing Doom on the Touch Bar of a MacBook Pro.
Jailbreaking can disable macOS security features like System Integrity Protection and Secure Boot and install malware. Combined with another T2 vulnerability that was publicly disclosed in July by Chinese security and jailbreak research group Pangu Team, the jailbreak could also be used to obtain FileVault encryption keys and decrypt user data.