T2 security chip on Macs can be hacked to plant malware; cannot be patched
TL;DR: all recent macOS devices are no longer safe to use if left alone, even if you have them powered down.
- The root of trust on macOS is inherently broken
- They can bruteforce your FileVault2 volume password
- They can alter your macOS installation
- They can load arbitrary kernel extensions
@dallin It's the same thing that can exploit most modern iOS devices if I recall.
@dallin i can’t exactly say i was waiting for this, but i’ve been waiting for this. at first i just thought “hey, its for security!” then when i saw all the bullshit hardware lockdown this causes, I was just waiting for a problem with it.
@dallin "no longer safe to use" in the same sense that a glass of pop which you left on the counter while you were out of the room is "no longer safe to drink" - theoretically somebody could have snuck in and poisoned or roofied your drink, yes. That could happen.