Mac T2 Chip vulnerability

Marc · October 2020

Like the recently discovered intel chip vulnerability, another example of a dedicated hardware chip found to be vulnerable. As with the Intel vulnerability, hardware vulnerabilities can more disturbing then software as hardware can rarely be modified when these things are found.

Snippet below from Ars Technica. https://arstechnica.com/information-technology/2020/10/apples-t2-security-chip-has-an-unfixable-flaw/

A recently released tool is letting anyone exploit an unusual Mac vulnerability to bypass Apple's trusted T2 security chip and gain deep system access. The flaw is one researchers have also been using for more than a year to jailbreak older models of iPhones. But the fact that the T2 chip is vulnerable in the same way creates a new host of potential threats. Worst of all, while Apple may be able to slow down potential hackers, the flaw is ultimately unfixable in every Mac that has a T2 inside.

Good news, if there is any, is that it requires physical access to a machine to exploit so no need to ditch your later model macs. Just another reminder in keeping an eye on any laptop or other hardware you use when away from the home.

RobC1950 · October 2020

How can you use an app to hack a T2 chip without access to a laptop or smartphone. The only way I was able to get around the T2 security chip and the BIOS password on my Lenovo Thinkpad T450 was by removing the hard drive and replacing it with the hard drive from my 2nd Lenovo Thinkpad T450. This wiped the BIOS password and also reset the T2 chip. I then swopped back the the hard drives of my two Lenovo Thinkpad T450’s. To be fair, I was a bit surprised that it worked and by swapping the hard drives I was able to fix my locked Thinkpad T450.

Marc · October 2020

Interesting and I guess proves the point that once someone has physical access to a system, it’s just a matter of time till the locks get broken.

Mac T2 Chip vulnerability

Comments