Apple's T2 chip has unpatchable security flaw, says researcher

How to download and install macOS Big Sur beta to your Mac (Image credit: iMore)

What you need to know

Apple's T2 chip has a major security flaw.
That's according to the findings of one security researcher.
Apparently, the chip can be compromised using the same checkm8 exploit used to jailbreak devices running iOS.

According to a security researcher, Apple's T2 chip has a critical vulnerability that could allow a hacker to bypass a Mac's disk encryption, firmware passwords, and more.

According to Niels Hofmans at ironPeak:

The mini operating system on the T2 (SepOS) suffers from a security vulnerable also found in the iPhone X since it contains a processor based on the iOS A10 processor. Exploitation of this type of processor is very actively discussed in the /r/jailbreak subreddit.So using the checkm8 exploit originally made for iPhones, the checkra1n exploit was developed to build a semi-tethered exploit for the T2 security chip, exploiting a flaw. This could be used to e.g. circumvent activation lock, allowing stolen iPhones or macOS devices to be reset and sold on the black market.Normally the T2 chip will exit with a fatal error if it is in DFU mode and it detects a decryption call, but thanks to the blackbird vulnerability by team Pangu, we can completely circumvent that check in the SEP and do whatever we please.

Hofmans says the vulnerability is unpatchable, however is not a "persistent vulnerability". This, Hofmans states, means that for a hacker to take advantage of this, they would need a hardware insert or "other attached component" like a malicious USB-C cable to take advantage.

The report continues:

Once you have access on the T2, you have full root access and kernel execution privileges since the kernel is rewritten before execution. Good news is that if you are using FileVault2 as disk encryption, they do not have access to your data on disk immediately. They can however inject a keylogger in the T2 firmware since it manages keyboard access, storing your password for retrieval or transmitting it in the case of a malicious hardware attachment.

The report also says that FindMy's remote device locking feature can be bypassed if you were to misplace your Mac or have it stolen.

According to the blog, this vulnerability has been disclosed to Apple "on numerous occasions" without a response. The report postulates that Apple doesn't plan on going public with a statement and is quietly developing a new patched T2 chip for its upcoming Macs.

A T2 vulnerability has previously been alluded to by various iOS hackers, as noted by ZDNet:

With @checkra1n 0.11.0, you can now jailbreak the T2 chip in your Mac. An incredible amount of work went into this and it required changes at multiple levels.

There’s too many people to tag, but shoutout to everyone who worked on getting this incredible feature shipped.With @checkra1n 0.11.0, you can now jailbreak the T2 chip in your Mac. An incredible amount of work went into this and it required changes at multiple levels.

There’s too many people to tag, but shoutout to everyone who worked on getting this incredible feature shipped.— Jamie Bishop (@jamiebishop123) September 22, 2020 September 22, 2020

checkm8 + blackbird and the T2 SEP is all yours...checkm8 + blackbird and the T2 SEP is all yours...— Siguza (@s1guza) September 5, 2020 September 5, 2020

The report says that the long and short of the exploit is that "macOS devices are no longer safe to use if left alone, even if you have them powered down." The exploit can be used to brute-force a FileVault2 volume password, alter your macOS installation, and load arbitrary kernel extensions. The report again stresses, however, that this is only possible through physical access.

In response to the post, security expert Will Strafach noted a few responses tempering alarm around the issue, stating on Twitter:

"T2 is and has been vulnerable to checkm8, released in late 2019.

what is proven: with physical access to such a computer and time to reboot into DFU to apply checkm8, one can boot arbitrary code on the T2.what is not proven: any sort of useful persistence. property lists on the Data partition could be modified, which is not great, but there is no evidence yet that one can persist unauthorized code through a full and proper reboot.there is a pretty big issue with the T2, but it seems important to gather precise facts about what is or is not a risk prior to putting info out there.

Strafach echoed ironPeak's sentiment regarding Apple's failure to respond to the issue stating:

Apple should have really said something by now. I think it is causing more confusion by not directly addressing the matter.

You can read the full report here.

Stephen Warwick has written about Apple for five years at iMore and previously elsewhere. He covers all of iMore's latest breaking news regarding all of Apple's products and services, both hardware and software. Stephen has interviewed industry experts in a range of fields including finance, litigation, security, and more. He also specializes in curating and reviewing audio hardware and has experience beyond journalism in sound engineering, production, and design. Before becoming a writer Stephen studied Ancient History at University and also worked at Apple for more than two years. Stephen is also a host on the iMore show, a weekly podcast recorded live that discusses the latest in breaking Apple news, as well as featuring fun trivia about all things Apple. Follow him on Twitter @stephenwarwick9