TL DR: all recent macOS devices are no longer safe to use if left alone, even if you have them powered down. The ironPeak blog post summarizes the position in stark terms. Any Mac or MacBook left unattended can be hacked by someone who can connect a USB-C cable, reboot the device, and then run Checkra1n 0.11.0. The danger regarding this new jailbreaking technique is pretty obvious. This allows an attacker to get root access on the T2 chip and modify and take control of anything running on the targeted device, even recovering encrypted data “Using this method, it is possible to create an USB-C cable that can automatically exploit your macOS device on boot,” ironPeak said. Per ironPeak, this works because “Apple left a debugging interface open in the T2 security chip shipping to customers, allowing anyone to enter Device Firmware Update (DFU) mode without authentication.” This works because of some shared hardware and software features between T2 chips and iPhones and their underlying hardware.Īccording to a post from Belgian security firm ironPeak, jailbreaking a T2 security chip involves connecting to a Mac/MacBook via USB-C and running version 0.11.0 of the Checkra1n jailbreaking software during the Mac’s boot-up process. The attack requires combining two other exploits that were initially used for jailbreaking iOS devices - namely Checkm8 and Blackbird. The reason they can also be used on Macs is because the T2 security chip is based on the A10 chip used in older iPhones. ZDNet reports that the attack involves using two exploits used to jailbreak iPhones. A combination of two different exploits would give a hacker the ability to modify the behavior of the chip, and even plant malware like a keylogger inside it.Īll Macs sold since 2018 contain the T2 chip, and because the attack uses code in the read-only memory section of the chip, there is no way for Apple to patch it … How the T2 security chip exploit works Speculation that the T2 security chip on modern Macs can be hacked has been confirmed by the team behind the research.
0 Comments
Leave a Reply. |