Apple's T2 custom secure boot chip is not only insecure, it cannot be fixed without replacing the silicon

Apple's T2 security chip is insecure and cannot be fixed, a group of security researchers report. Over the past three years, a handful of hackers have delved into the inner workings of the custom silicon, fitted inside recent Macs, and found that they can use an exploit developed for iPhone jailbreaking, checkm8, in …

  1. tip pc Silver badge

    Physical access required, is T1 also compromised?

    So this exploit requires physical access to the device and could be used to install a key logger to decrypt the disk.

    Definitely exploited but still better than with no T2.

    Lastly is T1 exploited too?

    1. Anonymous Coward

      Re: Physical access required, is T1 also compromised?

      Is it really better than nothing, though? If you can drop the machine into DFU mode, you can install a basically undetectable keylogger that can completely compromise the machine.

      I'm not aware of an exploit that allows you to do that on a Mac without one.

    2. tip pc Silver badge

      Re: Physical access required, is T1 also compromised?

      So T2 controls the SSD, which is always encrypted, utilising the T2's AES-256 capabilities. If a user turns FileVault off, T2 just lets you onto the drive without entering the encryption key. Turning FV on just means the user needs to enter their password to decrypt that SSD, giving the impression of instant encryption.

      T1 has no AES capabilities & does not encrypt the drive but may contain encryption keys in its secure enclave along with credit card details etc.

      T2 is a much more capable and advanced beast.

  2. Charlie Clark Silver badge

    Surprised?

    I'm certainly not. Given local access to a machine that has a recovery mode, exploits are inevitable and Apple must be aware of this.

    But the main reason for them using such chips is not to prevent hackers from breaking in, but to prevent users from making changes such as installing other OSes or removing some of the many restrictions in iOS that we'll no doubt soon also see in macOS.

    1. WolfFan Silver badge

      Re: Surprised?

      Interesting. Apple prevents users from installing other OSes, eh? Looks at iMac running Ubuntu. Looks at other iMac running Win 7, though admittedly putting Win 7 on it was a struggle; neither Apple nor Microsoft supports anything but Win 10. And admittedly Boot Camp is going to go away in ARM-based Macs. It’s not gone yet.

      And, of course, there are the various other Macs with Parallels VMs of older versions of macOS, various Windows installs, and various Linux installs, usually some variation on Ubuntu going back to 18.04.

      Tell me more about the world you live in. What colour is the sky there?

      1. overunder Silver badge

        Re: Surprised?

        "Apple prevents users from installing other OSes, eh? "

        First, MAC users don't care about other OSes in general, they care about their stuff that is being erased and/or compromised and are helpless to do anything about it.

        Second, today Charlie is actually right, but you could argue that this is the inevitable end that Apple has always wanted. You have other OSes running so you can attest that the past wasn't so bleak, but look at recent Catalina issues with "Secure Boot". Are you 100% sure that if you used the most recent MAC hardware and OS that if you install ANYTHING that it won't erase EVERYTHING? Not all are, and now with this "exploit", it's not looking sunnier :-/.

        P.S. I don't really consider what this article is reporting as an exploit per se, but simply a consequence of hard coding zero sum security. As out of context as it might sound, there's a logical reason that it takes the communication of 2 people to physically launch a nuke.

        1. WolfFan Silver badge

          Re: Surprised?

          That’s Mac, not MAC. Today Charlie is actually wrong. Macs, including brand new Macs running Catalina (and even the Big Sur beta) can and do have non-Apple OSes installed. Which ‘issues’ are you talking about? Some numpties have a problem switching from macOS to Windows and back at startup, but that’s not an OS issue, that’s a keyboard issue: a lot of wireless keyboards, especially including Apple’s own Bluetooth keyboards, don’t activate early enough in the boot process to detect that users held the option key down. Wired keyboards, including my ancient Macally, don’t have this problem.

          And, yes, I’m 100% sure that it won’t erase EVERYTHING. And that’s why I have backups if, by some incredibly unlikely instance, it does erase EVERYTHING.

          The current ‘exploit’ requires physical access. If I have physical access, I can do one hell of a lot of damage, including simply removing the entire computer. For this to be a real problem, someone has to have the right tools, physical access, and time undisturbed.

          1. Paradroid

            Re: Surprised?

            I mostly agree with you that Apple are not out to prevent other OSs being installed as Apple haters are making out, but the T2 chip was quite a hassle for Linux to work round and was only possible because of the desire of a lot of people. Not much chance of getting anything less common than Linux (e.g. BSD, Heroku) running unless you're prepared to run it off an external drive.

          2. NightFox
            Headmaster

            Re: Surprised?

            Thumbs-up for the 'MAC' correction. People using 'MAC' (and 'APP' too, while I'm on my soapbox) on Facebook and the likes is annoying, people doing either on a forum like this is unforgivable. It's one small step away from referring to the internet as 'Google'.

            1. monty75

              Re: Surprised?

              Everyone knows 'The Internet' is that yellow, red, green and blue circle icon. Or the blue E if you answer to the name 'Grandad'

      2. Charlie Clark Silver badge
        FAIL

        Re: Surprised?

        Have you tried installing another OS on an I-Phone? Have you tried using a different browser engine on I-Phone? Have you managed to buy an app for an I-Phone from anywhere other than the Apple App Store? Apparently this is all for our safety. Sounds like Steve Jobs wasn't a fan of Benjamin Franklin…

        Apple's very own version of lockdown is coming to Macs.

        1. sev.monster Bronze badge

          Re: Surprised?

          Jobs bragged that most of the original OSX was either directly open source or based on free software, and made it a point to draw *nix users in. It took years for them to start locking things down, especially after the new management stepped in. Not saying the man was infallible but he did see the value of open source and software freedom, even if that platform ended up pushing the most closed software/hardware ecosystem in the market.

          1. tip pc Silver badge

            Re: Surprised?

            OS X is built on Darwin, which you can freely download the source for. OS X is even zero cost to you too and can be freely downloaded from the Mac website.

            The OS is hardened; why is that a bad thing?

            I can run any 64-bit OS X software I choose; I can just tell the OS to run it.

            1. Dan 55 Silver badge

              Re: Surprised?

              After "sudo spctl --master-disable" from Terminal on Catalina to enable the "Anywhere" button on System Preferences > Security & Privacy, yes you can. It certainly wasn't like that when Gatekeeper was introduced; there'd have been an outcry even from fanbois.

        2. WolfFan Silver badge

          Re: Surprised?

          An iPhone is not a Mac. We were addressing Macs. Moving the goalposts doesn’t help you.

          1. Charlie Clark Silver badge

            Re: Surprised?

            The T2 is used across Apple's platforms.

    2. DS999 Silver badge

      Re: Surprised?

      I don't get why people think Apple will use the transition to ARM to lock down macOS. They could have done it at any time; there is nothing about x86 that prevented them locking it down as tight as or even tighter than macOS.

      1. Mage Silver badge
        Windows

        Re: Surprised?

        The main reason to buy a Mac is to run Mac OS.

        1. monty75

          Re: Surprised?

          And to look cool while doing it

          1. A.P. Veening Silver badge

            Re: Surprised?

            And to look cool while doing it

            As opposed to being cool.

        2. whoseyourdaddy

          Re: Surprised?

          It's also the best platform to run Windows OS.

          https://www.theregister.com/2017/10/19/ge_apple_move_impact_microsoft_analysis/

      2. doublelayer Silver badge

        Re: Surprised?

        "I don't get why people think Apple will use the transition to ARM to lock down macOS. They could have done it at any time"

        You are correct, but I think it's likely. In 2006, they didn't want to lock it down. They wrote BootCamp just to prove that. They still allowed running unsigned binaries. I was very happy with them. It's not the same now. They've taken various small steps toward locking down their OS, and they've created another fork which has already seen much more thorough lockdowns. The reason I think ARM might be a good opportunity for them to lock down is that it's easier to say "We have to drop support for multibooting because our chip doesn't support the operating system images currently available" rather than "We decided we didn't want you to run Windows anymore so we're pulling Bootcamp". In the name of security, they've instituted weird and painful restrictions on disk access that don't work, which look a lot more like iOS than they look like any other popular OS. They've hidden the settings needed to run software they haven't signed behind obstructive and meaningless error messages. Their repairability scores have been dropping steadily for most of their machines. These are not good signs to me.

        1. DS999 Silver badge

          Re: Surprised?

          It has already been made public that the ARM Macs will have a bootloader that can be unlocked. That might not matter in practice since Apple isn't going to write Windows or Linux drivers for its proprietary GPU, but I suppose someone motivated enough could reverse engineer it. Reverse engineered drivers probably wouldn't perform that well, but people who just wanted to boot Windows or Linux and run non demanding (i.e. no games or CAD) stuff probably could do so.

          Though other than bloody-mindedness I have no idea why someone would bother with the effort to reverse engineer the GPU when they could run Windows or Linux in a VM and get much better GPU performance in a fully supported way. Especially as that GPU would be a moving target.

    3. Aitor 1 Silver badge

      Re: Surprised?

      The main reason is to prevent it being fixed by independent repair shops, and charge more than the cost of replacement to the poor sods that need repair, so an easy repair is converted into more stuff in the landfill and new sales for Apple. The side effect is your data is reasonably secure.

      If this was not the case, you should be able to install a new OS on the system, even if you had to validate it online, etc etc.

      1. anonanonanonanonanon

        Re: Surprised?

        Another way of looking at it is that it stops random creeps from bypassing your security and installing stalkerware on your device. The side effect being that you can't just let anyone bypass your security

    4. Anonymous Coward

      Re: Surprised?

      to prevent users from making changes such as installing other OSes

      Buying a Mac so that you can install another OS seems a bit like buying a Gucci handbag to keep your gym clothes in.

      1. skswales

        Re: Surprised?

        Or corporate policy... friend's company was taken over and they were all issued with shiny new Macs that their development environment didn't run on. Time to install Windows.

        1. Cliffwilliams44 Bronze badge

          Re: Surprised?

          That's just corporate stupidity, not Apple's problem.

          Reminds me of the ad firm back in the 90s where the Creative Director talked management into replacing all the standard PCs in Accounting and for all the PAs with Macs. All those ladies who were WordPerfect jockeys almost strung me up by my gonads! "What is this mouse thing! I can't get any work done!"

      2. Charlie Clark Silver badge
        Stop

        Re: Surprised?

        Being allowed to install the most recent versions of MacOS despite Apple deciding we shouldn't would also be nice.

      3. Kabukiwookie

        Re: Surprised?

        Good analogy. Just as useful as the $10 version, but aimed at people with more money than brains.

  3. Anonymous Coward

    I love my iMac...

    ...and now, thanks to Apple, everyone else can too!

    Bigly win for the people!

  4. Anonymous South African Coward Silver badge

    While Apple cannot fix the flaw in its T2, Mark says it should be possible to restore a compromised device that's still bootable into DFU by attaching it to a trustworthy second device.

    What if newer malware versions will be able to spread from compromised devices to uncompromised devices?

    /inserts brrr.gif

    1. doublelayer Silver badge

      Since it requires a cable connection and booting to recovery, it's unlikely to spread without assistance; people rarely connect one computer to another one over a USB cable. The exploit is very serious given the likelihood that someone could do this with minutes of access and it could remain resident for a long time. I doubt it's hard to use the access granted here to grab the encryption password and install malware on the victim's system to phone home with the data when the computer is connected to the internet. At least we know about this; had it been someone who doesn't work on security testing with a public interest, it would already be deployed at various countries' border scans.

      1. Richard 12 Silver badge
        Black Helicopters

        What makes you think it hasn't been?

        Now we know about it.

        There's no way of knowing how long others with darker hats have known and exploited it.

        1. Anonymous Coward

          Re: What makes you think it hasn't been?

          2 years. There, simple. 2016 machines had no T1. 2017 introduced the T1. 2018 the T2.

          1. tip pc Silver badge

            Re: What makes you think it hasn't been?

            My 2016 MacBook Pro has a T1

      2. Anonymous Coward

        A quick try at the exploit showed that it was possible to boot the machine with a USB stick attached, and insert a nice keylogger and a few other pieces of "useful" software in about 45 seconds. Quick enough for the "evil maid" scenario to be perfectly plausible.

        The new ARM Macs will render all the existing Mac hardware and software totally obsolete. Even the fanbois will freak out when they find that they no longer have support for their shiny commodity rubbish. Apple are threatening (internally) to cease support for all pre-2021 products by early 2022. It's a good time to offload your Apple stock!

  5. Portent
    Terminator

    I need your clothes, boots and your motorcycle

    Listen, and understand. That T2 is out there. It can’t be bargained with. It can’t be reasoned with. It doesn’t feel pity, or remorse, or fear. And it absolutely will not be patched, ever, until your MacBook is dead.

    1. TimMaher Silver badge
      Pint

      Re: I need your clothes, boots and your motorcycle

      What worries me is that the Cyberdyne Corporation actually exists.

      You get a beer for the excellent reference --->

    2. Brad16800
      Pint

      Re: I need your clothes, boots and your motorcycle

      This is why I like the reg. It's not the articles but the comments that keep me coming back.

      1. A.P. Veening Silver badge

        Re: I need your clothes, boots and your motorcycle

        There are some articles with a pull of their own, including some (ir)regularly recurring ones like BOFH, Dabbsy, On-Call and Who, Me?

  6. RM Myers Silver badge
    Happy

    This could be good news!

    Louis Rossmann has a video on YouTube explaining the perils of having secure boot enabled on an Apple PC with the T2 chip. Basically, if the T2 chip's firmware is corrupted, there is no way to update the firmware without deleting your data, and no access to your data without updating the firmware. You definitely want to be religious about backing up your PC. Maybe this security blunder will provide a workaround!

    https://www.youtube.com/watch?v=6dwqxsDHkKQ

    1. Dave 126 Silver badge

      Re: This could be good news!

      Indeed, back up. That also covers you for leaving your laptop on a train, having it stolen, fire, flood and acts of dog.

  7. c1ue

    Some real world notes here:

    T2 doesn't just "make the Mac secure" - it also prevents any type of external backup service outside of Apple's walled garden.

    For example: on a normal computer you can boot up on Linux and capture a full dd image. This has its uses - for example, this image preserves all of the OS and installed software, as well as data, should something happen to the source computer. A disk failure can be remedied by putting in a new disk and slapping the image on. A computer failure can be replaced with an identical model computer and said image (really, it is the BIOS/motherboard).

    With T2 and FDE - you can't do this. The Mac/Linux file system won't work without the T2 present, so virtual images are right out.

    You can mount the image with a "recovery key" à la BitLocker, but you have to do this ahead of time. Yes, the system is set up so that you can literally not access your own image without going through a specific sequence of events: FDE on, generate recovery key, capture image. Yes, out of order doesn't work (!)

    1. J. Cook Silver badge
      Alert

      @c1ue:

      A disk failure can be remedied by putting in a new disk and slapping the image on.

      This assumes that the storage isn't soldered directly to the mainboard, which Apple's been doing for a while. The SSD craps itself? Hope you made a backup.

      Your cat decides that the mac needs a drink and dumps your beverage into it, trashing the ISL9240 chip in the process. Your data is gone, hope you had a backup complete just before your cat decided to assert their supremacy.

      (https://youtu.be/lTpHa70DDX0) - Another Rossmann rant demonstrating precisely what I'm talking about.

      1. Mark 65

        Just have the image restored to an external SSD and boot via USB3 / Thunderbolt. Ugly, but workable.

    2. tip pc Silver badge

      FDE & you want to boot that disk on another machine

      “ T2 doesn't just "make the Mac secure" - it also prevents any type of external backup service outside of Apple's walled garden.

      For example: a normal computer - you can boot up on Linux and capture a full dd image. “

      For free I can use Apple's backup solution to back my data up to an attached disk or NAS; I can use Carbon Copy Cloner, SuperDuper!, iCloud, Google Drive etc.

      So you want FDE on your boot disk and want to boot that disk on other machines.

      Why?

      How about taking an encrypted backup of your data for restore on another machine?

      macOS stores its system volumes in a sealed APFS volume; there is no need to back that up, just install a fresh version. You’ll want to keep a copy of the data volumes as that contains user data.

      You can configure, in the GUI, the Mac to boot off any external volume you want, even Unix or Windows, effectively instructing T2 to not enforce secure boot.

      If you leave things as default, enable FDE & secure boot on, then you’ll need that Mac with its T2 to read its internal storage.

      I’m not seeing the problem here as that’s totally desirable, with the option to reduce the security if required.

      With the sealed system volume, malware would need to run on T2 & could discover the user's encryption key for later decryption of the data volume on that machine with its T2 chip, so needs 2 visits to that machine to get its data.

      If you could copy the encrypted volume as you suggest, it’d be possible to decrypt the data offsite once the key was known, making detection of something murky going on harder.

      The T2 exploit still makes it hard to get at the user data on its encrypted volumes.

      Are other solutions more resilient in this aspect?

      Is BitLocker more secure?

      1. c1ue

        Re: FDE & you want to boot that disk on another machine

        The point of a real backup is that you preserve the entire environment, not just data. A full disk image does that.

        Secondly, a full external image is completely undetectable in-system whereas an attacker can poison your system backup if they’re in.

        1. Charles 9 Silver badge

          Re: FDE & you want to boot that disk on another machine

          But when the environment requires specific HARDWARE (like a one-child signing key), then such a backup is simply not possible. And may not be desired for exfiltration reasons.

        2. tip pc Silver badge

          Re: FDE & you want to boot that disk on another machine

          What’s the point of backing up the system volume if it’s exactly the same as what is installed on every machine?

          The data volume contains all system customisations as well as user data.

          Do you back up Chrome or some other app that is readily downloadable, or would it be easier to just back up its customised data?

          Some info on the Mac system volume and where it is going.

          https://eclecticlight.co/2020/09/14/will-big-sur-support-the-cloning-of-system-volumes/

  8. HildyJ Silver badge
    Devil

    Apple response

    You're using it wrong.

  9. cb7

    "Apple did not respond to a request for comment"

    HaHaHaHaHaHaHaHaHaHa

    What did you expect them to say? "Yes, our T2 Security Chip we've so prominently been marketing, isn't actually all that secure"?

    1. EnviableOne Silver badge

      Not an Apple Fanboi but ...

      At least you need physical access unlike Intel's SMT and SGX ....

  10. razorfishsl

    This ain't the first time Apple dropped the ball; they think they are experts in every field.

    and now they have millions of products with "hard" backdoors......

    1. Maelstorm Bronze badge
      Coat

      Or a backdoor that accepts a hard intrusion.

  11. //DLBL SYSRES

    A handy hack for security services but they already know...

  12. TheProf Silver badge
    Unhappy

    @h0m3us3r, @mcmrarm, @aunali1, @su_rickmark, @axi0mX

    Things have changed a lot in a few years. My workmates used to have names like Dave, Brian and Karen.

    I still don't know anyone with an 'at' sign in their 'business' name.

    1. Anonymous Coward

      Re: @h0m3us3r, @mcmrarm, @aunali1, @su_rickmark, @axi0mX

      Capgemini's building in Telford, Shropshire is called @Phoenix...

  13. StrangerHereMyself Bronze badge

    You would think

    You would think that one of the richest corporations in the world would be able to buy star programmers who can develop software without use-after-free vulnerabilities, especially if these are present in ROM which cannot be altered!

    Apple should demand all their security software be written in Rust, which doesn't allow for these mistakes.

    1. bazza Silver badge

      Re: You would think

      Yep, a prime example where Rust would have caught the mistake. And yes, very embarrassing to have a use-after-free vulnerability in this kind of code! Haven't they heard of Valgrind?

      It's interesting to see who is beginning to talk about Rust in these terms. Microsoft, Linus, even Google a little bit in Fuchsia. Apple are probably going to have to follow suit at some point. Security gates that have been Rusted shut are going to become the thing to have.

      1. martinusher Silver badge

        Re: You would think

        The language might help but what would work even better would be to avoid using dynamic memory allocation for critical software components. Unfortunately a lot of languages not only need demand pools but also hide the mechanics of references from the programmer. This may work out OK for applications level programming but in a systems environment this is a potential disaster.

        Languages like Rust try to shield programmers from the consequences of sloppy coding. There is a place for this capability but it's better to understand what you're doing and be very disciplined about how you do it. (....and Rust is written in?).

        BTW -- The idea of making languages error free has been around for quite a long time. Ada was one of the first; it's quite an effective tool but for some reason (bulk?) isn't used by companies like Apple and Microsoft.

        1. StrangerHereMyself Bronze badge

          Re: You would think

          You always need dynamic memory allocation in any language because in many situations you don't know how much memory you need until runtime.

          Rust is the best possible solution to a long standing problem which wasn't solved by any other language, including Ada.

          And just saying that you need to be smarter is nonsense. People have been saying that for decades, and look where it has brought us. A world full of insecure software which is buggy and flaky. We need a language like Rust which eliminates these kinds of mistakes.

          1. EnviableOne Silver badge

            Re: You would think

            The best solution to the memory allocation issue is set your bounds, sanitise your inputs, and code properly.

            This is the way

            Rust is for those too careless or too unskilled to manage it for themselves.

            1. Anonymous Coward

              Re: You would think

              Can you be sure your bounds stay enforced, even if the memory moves outside your scope, to code outside your control? Can you be sure your inputs are actually sanitized and can't still be exploited? What about multi-threading and race conditions?

              The amount of control you actually have is small and shrinking, and things can happen outside your control, including fault cascades.
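The sub-thread above argues two positions: avoid dynamic allocation in critical code and "set your bounds", versus relying on a language that catches use-after-free for you. The following is an added example (not code from the thread, from Apple, or from the T2 firmware) showing what the first discipline looks like in plain C: a statically allocated object pool whose handles carry a generation counter, so that a freed or reused slot is a detected, bounded failure instead of a silent read of stale memory. The pool size, object layout and function names are all assumptions chosen for the illustration.

```c
/* Added example: fixed-capacity object pool with generation-tagged handles.
 * No malloc/free anywhere; a stale handle (use-after-free, double free,
 * or a handle to a slot that has since been reused) is rejected at lookup
 * time rather than corrupting memory. Names and sizes are illustrative. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define POOL_CAP 4  /* hard upper bound: exhaustion is a checkable error */

typedef struct {
    char name[16];
    int  value;
} object_t;

typedef struct {
    uint32_t index;       /* slot number */
    uint32_t generation;  /* must equal the slot's current generation */
} handle_t;

typedef struct {
    object_t objects[POOL_CAP];
    uint32_t generation[POOL_CAP];  /* bumped on every free */
    uint8_t  in_use[POOL_CAP];
} pool_t;

static pool_t g_pool;  /* statically allocated, lives for the program */

static const handle_t INVALID_HANDLE = { UINT32_MAX, 0 };

/* Allocate a slot. Returns INVALID_HANDLE when the pool is full. */
handle_t pool_alloc(pool_t *p, const char *name, int value) {
    for (uint32_t i = 0; i < POOL_CAP; i++) {
        if (!p->in_use[i]) {
            p->in_use[i] = 1;
            memset(&p->objects[i], 0, sizeof p->objects[i]);
            /* bounded copy: the name field cannot overflow */
            snprintf(p->objects[i].name, sizeof p->objects[i].name, "%s", name);
            p->objects[i].value = value;
            handle_t h = { i, p->generation[i] };
            return h;
        }
    }
    return INVALID_HANDLE;
}

/* Resolve a handle. NULL for out-of-range, freed, or stale handles. */
object_t *pool_get(pool_t *p, handle_t h) {
    if (h.index >= POOL_CAP) return NULL;                     /* bounds */
    if (!p->in_use[h.index]) return NULL;                     /* freed */
    if (p->generation[h.index] != h.generation) return NULL;  /* reused */
    return &p->objects[h.index];
}

/* Free a slot; bumping the generation invalidates every outstanding
 * handle to it. Returns 0 (rejected) for double frees and stale handles. */
int pool_free(pool_t *p, handle_t h) {
    if (pool_get(p, h) == NULL) return 0;
    p->in_use[h.index] = 0;
    p->generation[h.index]++;
    memset(&p->objects[h.index], 0, sizeof p->objects[h.index]);
    return 1;
}

/* Walk through the classic misuse sequence and count how many of the
 * four checks behave as intended (expected: 4). */
int demo_checks_passed(void) {
    pool_t *p = &g_pool;
    memset(p, 0, sizeof *p);
    int passed = 0;

    handle_t a = pool_alloc(p, "session", 1);
    handle_t b = pool_alloc(p, "key", 2);
    (void)b;
    pool_free(p, a);
    if (pool_get(p, a) == NULL) passed++;   /* use-after-free: detected */
    if (!pool_free(p, a)) passed++;         /* double free: rejected */
    handle_t c = pool_alloc(p, "other", 3); /* reuses slot 0 */
    if (pool_get(p, a) == NULL) passed++;   /* stale handle to reused slot */
    object_t *o = pool_get(p, c);
    if (o != NULL && o->value == 3) passed++; /* fresh handle still works */
    return passed;
}

int main(void) {
    printf("checks passed: %d of 4\n", demo_checks_passed());
    return 0;
}
```

The trade-off is visible in the code: capacity is fixed up front, and every access pays a few comparisons, but the failure mode of the ROM bug discussed in the thread (a pointer to freed memory being dereferenced) becomes a NULL return that the caller can handle. A generation counter can wrap after 2^32 frees of one slot, so a production version would also retire a slot once its counter nears the limit.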

  14. Prst. V.Jeltz Silver badge
    Joke

    "Evil Maid"

    TLDR

    I Thought an "Evil Maid" attack was what happened at the end of "Spaceballs"

  15. Si 1

    Evil maid would have got away with it too...

    ... if she had a memory stick that was USB-C and not A.

    1. Anonymous Coward

      Re: Evil maid would have got away with it too...

      There are highly-transportable USB bridge devices available at your local big box. On one end is a USB-C plug, on the other is a USB-A plug that can fold down and turn the "tongue" into a USB Micro plug for OTG operation. The stick itself can take SD, SD Micro, and even has a USB-A 3.0 port for separate sticks. Bring one of those along (they're not much bigger than your average USB stick) and you're pretty well covered.

Biting the hand that feeds IT © 1998–2021