During the course of last week, a computer security specialist alerted the Cupertino firm to a vulnerability affecting its T2 security chip.
According to Jonny Evans of Computerworld, the US giant's security chip is essentially based on a combined action of the software and the flea itself. On closer fire, a Belgian researcher specializing in computer security claims to have found a way to hack the T2 security chip into the recent Intel Mac. And this through the combination of several exploits already developed to hack old phones.
At the moment Apple has not yet commented on the subject. Note, however, that the T2 chip, would be based on an old processor produced by the American giant of the 10 series. Processors that were possible using 2 known jailbreak tools (Checkm8 and Blackbird), to change behavior or even to be able to install malware on the chip. In practice this hacking is not as easy as it seems. Indeed, to succeed the cyber attacker must have physical access to the targeted Mac, to which he must connect through a USB C cable called "debugging" non-standard.
Then he has to run the version of the program dedicated to jailbreaking, during the start of the machine. And it must be said that not all Macs are affected by this vulnerability. Indeed, not all silicon-turning terminals supplied by the American giant are affected by the problem. Moreover, regarding terminals that operate under newer versions of the chip are not as concerned not a vulnerability. In addition, when Macs are protected FileVault, even if attackers access the terminal's content, they will not be able to see the encrypted data, even if it installs malware.
Computerworld's Jonny Evans explains how the hack is developed by the Belgian researcher: "It uses a debugging interface that Apple has maintained on the T2 chip, which allows you to use the DFU (Device Firmware Update) mode without authentication; These tools can be used to "create a USB-C cable that can automatically operate the MacOS device at startup"; The attack allows hackers to gain root access to the T2 chip to modify and take control of what runs on the Mac, including access to encrypted data.
In short, according to the researcher' explanations, hacker who has his exploits, and having the possibility of physically accessing a Mac terminal, will be able to enter the system and of course access the data contained in the terminal in question, modify the operating system (MacOs) and even load Kernel Extensions (kexts).
The Belgian researcher who made the discovery explains why he made public the hacking process. He believes the US giant did not want to react when it announced that the hacking could not take place remotely. Engineers also claim to have found a way to scan and extract data from a device protected by T2 encryption. Which makes the researcher a little more convincing.
"The T2 chip is activated when the Mac starts, while the Apple logo appears. It acts as a trusted root and validates the entire startup process, checking security components and controlling legitimacy. The T2 chip is a kind of guard that maximizes hardware and software security. Therefore, highlighting such a vulnerability can be problematic. The chip uses Apple's Security Enclave to manage Mac computer encryption keys, biometric identification and secure start-up processes. It also includes several controllers such as the system management controller, image signal processor, audio controller and SSD controller. explains Jonny Evans. In a 2018 white paper, the US giant explains how the T2 chip works: "The way Apple's T2 security chip works is based on the concerted action of the chip, hardware, software and services available only at Apple. These capabilities combine to provide unmatched privacy and security features that have never been found before on Mac."
Given the complex nature of the hacking process, it would seem that Apple does not want to cause a general panic, since in any case it will be almost impossible for a hacker to succeed all this activity without any interruption. It is therefore unlikely that the majority of Macs will be exposed to this. However, a security flaw remains a security flaw. It should not be overlooked, at the risk of biting its fingers especially for people who constantly handle confidential data. Perhaps that is where we need to be much more careful, particularly the officers of government structures.
For now the only thing to do, avoid letting your computer drag within anyone's reach. And make sure when using a USB c cable, be sure of the connection.
Now access an unlimited number of passwords: