Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Yet another of the never-ending plethora of unpatchable security flaws in Apple's chips widely reported in the news today
3 views
Skip to first unread message
Arlen Holder
Oct 6, 2020, 6:58:49 PM10/6/20
to
All verbatim, because apologists _hate_ what Apple is, so they brazenly
deny facts about Apple lack of security (which helps them maintain their
imaginary belief systems intact as they blissfully ignore (and openly deny)
astoundingly huge security holes _designed_ into the chips themselves - so
they're patently unpatchable!). And yet, they feel Apple knows design
because MARKETING told them so (that's the full basis of their belief
system - MARKETING brochures and white papers - no actual facts
whatsoever.)
o Let's talk about a vulnerability that's completely exposing your macOS devices
<https://ironpeak.be/blog/crouching-t2-hidden-danger/>
"In case you are using a recent macOS device, you are probably using the
embedded T2 security chip which runs bridgeOS and is actually based on
watchOS. This is a custom ARM processor designed by Apple based on the A10
CPU found in the iPhone 7. The T2 chip contains a Secure Enclave Processor
(SEP), much like the A-series processor in your iPhone will contain a SEP."
o "*The root of trust on macOS is inherently broken*"
o "They can bruteforce your FileVault2 volume password"
o "They can alter your macOS installation"
o "They can load arbitrary kernel extensions"
<https://ironpeak.be/blog/crouching-t2-hidden-danger/>
o Apple's T2 Chip Has Unpatchable Security Flaw, Claims Researcher
<https://www.macrumors.com/2020/10/06/apples-t2-chip-unpatchable-security-flaw/>
"Intel Macs that use Apple's T2 Security Chip are vulnerable to an
exploit that could allow a hacker to circumvent disk encryption,
firmware passwords and the whole T2 security verification chain"
"security researcher Niels Hofmans claims that because the chip is based
on an A10 processor it's vulnerable to the same checkm8 exploit that is
used to jailbreak iOS devices."
<https://ironpeak.be/blog/crouching-t2-hidden-danger/>
o Apple's T2 chip has unpatchable security flaw
<https://www.imore.com/apples-t2-chip-has-critical-unpatchable-security-flaw-says-researcher>
"The report also says that FindMy's remote device locking feature can be
bypassed if you were to misplace your Mac or have it stolen.
According to the blog, this vulnerability has been disclosed to Apple
"on numerous occasions" without a response. The report postulates that
Apple doesn't plan on going public with a statement and is quietly
developing a new patched T2 chip for its upcoming Macs."
--
I realize apologists _hate_ all facts about Apple security so they will
brazenly deny these facts exist, or, if they can't get away with brazen
denials, they will attempt to vastly downplay the fact that Apple
consistently & repeatedly designs these never-ending unpatchable huge
wide-open security flaws into their rather well MARKETED chips.
deny facts about Apple lack of security (which helps them maintain their
imaginary belief systems intact as they blissfully ignore (and openly deny)
astoundingly huge security holes _designed_ into the chips themselves - so
they're patently unpatchable!). And yet, they feel Apple knows design
because MARKETING told them so (that's the full basis of their belief
system - MARKETING brochures and white papers - no actual facts
whatsoever.)
o Let's talk about a vulnerability that's completely exposing your macOS devices
<https://ironpeak.be/blog/crouching-t2-hidden-danger/>
"In case you are using a recent macOS device, you are probably using the
embedded T2 security chip which runs bridgeOS and is actually based on
watchOS. This is a custom ARM processor designed by Apple based on the A10
CPU found in the iPhone 7. The T2 chip contains a Secure Enclave Processor
(SEP), much like the A-series processor in your iPhone will contain a SEP."
o "*The root of trust on macOS is inherently broken*"
o "They can bruteforce your FileVault2 volume password"
o "They can alter your macOS installation"
o "They can load arbitrary kernel extensions"
<https://ironpeak.be/blog/crouching-t2-hidden-danger/>
o Apple's T2 Chip Has Unpatchable Security Flaw, Claims Researcher
<https://www.macrumors.com/2020/10/06/apples-t2-chip-unpatchable-security-flaw/>
"Intel Macs that use Apple's T2 Security Chip are vulnerable to an
exploit that could allow a hacker to circumvent disk encryption,
firmware passwords and the whole T2 security verification chain"
"security researcher Niels Hofmans claims that because the chip is based
on an A10 processor it's vulnerable to the same checkm8 exploit that is
used to jailbreak iOS devices."
<https://ironpeak.be/blog/crouching-t2-hidden-danger/>
o Apple's T2 chip has unpatchable security flaw
<https://www.imore.com/apples-t2-chip-has-critical-unpatchable-security-flaw-says-researcher>
"The report also says that FindMy's remote device locking feature can be
bypassed if you were to misplace your Mac or have it stolen.
According to the blog, this vulnerability has been disclosed to Apple
"on numerous occasions" without a response. The report postulates that
Apple doesn't plan on going public with a statement and is quietly
developing a new patched T2 chip for its upcoming Macs."
--
I realize apologists _hate_ all facts about Apple security so they will
brazenly deny these facts exist, or, if they can't get away with brazen
denials, they will attempt to vastly downplay the fact that Apple
consistently & repeatedly designs these never-ending unpatchable huge
wide-open security flaws into their rather well MARKETED chips.
0 new messages