A vulnerability for Macs could be just around the corner. A modified version tool can be used to inject and execute code on the security chip of Macs. What concrete consequences this brings for Mac users remains to be seen. A software patch of the boot is not possible, Apple can only close the vulnerability with a new hardware revision of the chip.
To bypass the T2 chip, the Mac must be accessed directly with the help of a second device. Therefore, this hack has currently the quality of a handicraft for all those who would like to see what else they can do with their computer.
However, the vulnerability could also be used to the advantage of Apple users. Until now, an SSD upgrade on a Mac has not been trivial. To integrate the new SSD, special software is required. Thus, every user would be able to expand the hard disk space of the computer inexpensively. In addition, it is currently still unclear whether the iCloud activation lock can be bypassed due to the security vulnerability.
Apple’s T2 Chip Is A Processor Embedded In Macs
T2 that runs a customized version of Apple’s operating system. The chip is integrated in almost all Macs for 2 years. An image signal processor, system management controller and controller are integrated in the T2 chip. Part of the T2 security chip is the secure enclave coprocessor known from iOS devices, which handles encryption tasks and manages the fingerprint data for Touch ID. This system is not affected by the vulnerability. The T2 chip is used for improved security. It has an integrated coprocessor, which is responsible among other things, for secure start-up, encryption and storage.
For months, users have been reporting the problem in a number of different audio forums and Apple’s own support forums. The simple solution is to switch off the automatic time synchronization in the settings. Over the past few months, Apple has repeatedly had quality control problems affecting both hardware and software: Recently, a facetime error allowed users to hear the receiver’s microphone before it even answered the call.
