IntelMus, which uses LPL’s T2 security chip, is vulnerable to an exploit that could allow hackers to block disk encryption, firmware passwords and a full T2 security verification chain, a cybersecurity researcher said.
/article-new/2013/09/t2chipmacbookpro.jpg?resize=618%2C389&ssl=1)
Apple’s custom-silicon T2 co-processor is present in the new Mac and manages encrypted storage and secure boot capabilities, as well as many other controller features. In a blog post, however, security researcher Niels Hoffman claims that the chip is based on the A10 processor because it is susceptible to the same checkam 8 exploitation that is used to jailbreak iOS devices.
This vulnerability is able to hijack the boot process of T2’s SAP’s operating operating system to gain gain access to the hardware. Usually the T2 chip makes a fatal error if it is in Device Firmware Update (DFU) mode and detects a decryption call, but using another vulnerability developed by Team Pangu, Hoffman claims that the hacker ignored this probe. Possible and get .x access of T2 chip.
Once gained access, hackers have full root access access and kernel execution privileges, although they cannot directly decrypt the stored files using FileVolt 2 encryption. However, the T2 chip manages keyboard access, so hackers can inject keyloggers and steal passwords used for decryption.
According to Hoffman, exploitation can also bypass the remote device loc king function (activation l) c) used by services such as MDM and FindMy. The firmware password will not help prevent this as it requires keyboard access, which requires a T2 chip to run first.
For security reasons, the Sepos T2 chip is stored in read-only memory (ROM), but this software update also prevents exploitation from being slapped by Apple Pal. On the plus side, though, it also means that the vulnerability isn’t constant, so it requires “inserting hardware or other connected component such as a malicious USB-C cable” to work.
Hoffman says he has reached out to Apple about the exploit but is still waiting for a response. Meanwhile, the average user can protect themselves by keeping their machines physically secure and avoiding plugging in unreliable USB-C cables and devices.
Finally, researchers have noted that the next Apple Pull Silicone Max uses a different boot system, so it is likely that their vulnerability will not be affected, although this is still being actively investigated.
.
