A weakness has been found in Apple’s T2 security chip. At first, it seemed like a problem for iPhones only, but it appears to affect Macs as well. There is already a tool out there to exploit it weakly and that is a big problem for Apple users.
T2 security chip from Apple
The tool allows you to bypass the T2 security chip and grant yourself access deep into the system. It’s also a weakness that is widely used to jailbreak older iPhones. Macs are also at risk, as every Mac has a T2 chip inside. Nowadays they are less on the radar because they are not jailbroken as frequently as iPhones, but it is a weakness in a system on which many creatives build daily.
Apple can’t fix this flaw for Macs, so it can only come up with thresholds to at least force hackers to overcome multiple hurdles to get to their target. The T2 chip is precisely for providing Apple products with important options, such as data storage, Touch ID and Activation Lock (which is used for Apple’s Find Me service).
You don’t want to have any mistakes in that, but they crept in anyway. The weakness called Checkm8 (checkmate) is now being exploited by a tool made by Checkra1n. You can use it to run Linux or play Doom on the Touch Bar of MacBook Pro, for example. Handy and fun, but at the same time, you can use it to fiddle with security. The System Integrity Protection and Secure Boot can be disabled, after which hackers can install malware on the system.
It gets worse: there is one more weakness in the T2. Together they make it possible to obtain the FileVault encryption key that can be used to unlock the encrypted user data. Because it is a weakness in low-scaled and immutable code in the hardware, it is impossible to patch it. So much for the safe “black box” from Apple. You would think: it is not very easy to take advantage of the weakness.
You need physical access to access a device anyway, partly because USB must be used to use the tool. So hackers cannot remotely access your Mac with T2 chip. So it does not seem to be a mistake that is a direct major threat to your Mac.