New Vulnerability in lastest Apple macbook chip

Tuesday, October 6, 2020 – 15:54 GMT

T2 does not fully fulfill the duties assigned to it

The T2 protection chip does not adequately secure user data in modern Apple computers, since it itself contains a significant flaw. Because of this, a programmer will circumvent the chip ‘s function to get to the memory of the PC’s records, and this gap can not be removed.

Dangerous Security Chip

The T2 protection chip that Apple has been installing in its laptops and PCs since 2017 has discovered a dangerous flaw.

It can not be removed programmatically, according to the ZDnet site, which applies to all MacBooks, iMacs and other Apple computers the threat of hacking from which it is difficult to hide.

T2 itself is a coprocessor which deals with the functions of audio processing and I / O, and it is primarily required to reduce the load on the central processor. But its primary role is precisely to ensure consumer data protection. Using Touch ID, encryption, KeyChain passwords and many more, it is related to the authorization process.

T2 is the T1 protection chip’s second iteration, which debuted in 2016. Apple marketed the T2 as part of the launch of the iMac Pro 2017 laptop, which became the first PC with such a chip, as a product that greatly improves consumer information security and the safety of the device from hacking.

And, with the Checkm8 exploit used to jailbreak the iPhone, T2 is vulnerable to being hacked. To circumvent the chip and obtain complete access to a macOS-based computer, hackers may use it.

Knowledge has become common among users about the nature of the problem. For eg, over 40 comments were received by a Reddit thread created by user LayinLo usmc at the time of writing about 11 hours ago. On Twitter, related posts started to surface.

Algorithm for hacking and potential implications

Due to the fact that this chip is based on the A10 cpu, launched by Apple in 2016 and used in the iPhone 7 and 7 Plus smartphones, as well as in the iPad 6 and iPad 7, the method to circumvent T2 using exploits for the iPhone became feasible. And Checkm8 is vulnerable to the A10 and T2.

According to the Belgian information security company IronPeak, a direct link to a macOS computer via USB-C is needed to crack the Apple security chip. Checkra1n 0.11.0 jailbreak must be run immediately at device boot time.

Hacking a MacBook is possible only through physical contact with it

How to safeguard yourself against hacker in this case ?

Since a firmware upgrade will not address the issue with the T2 chip, owners of Mac computers with this chip on board may have to cope on their own. Not having someone, including yourself, to attach suspect devices with a USB-C connector to their computers is the only thing that can be done. Do not use USB-C cables of questionable origin, either.

It is difficult to hack a PC remotely, for instance from the Internet or via Bluetooth-you need a direct hardware link, and it is via USB-C.

The MacRumors portal reports that new Apple computers based on their own ARM processors, which it reported on its Macs in the summer of 2020, might not be affected by the epidemic. It is likely that the T2 chip would not be in them, due to the peculiarities of modern A-series processors, but this topic is still open.