Apple has been adding dedicated security chips to its PCs for quite some time now. Now Apple T2 is relevant. There are many security-related hardware and software functions tied to it.
And it’s very interesting to know that a vulnerability was found in this chip that could allow attackers to bypass the activation lock and carry out various malicious attacks. Once an attacker gains access to the T2 chip, he will have full root access and kernel execution privileges.
The point is that the Apple T2 is actually based on the Apple A10 and is therefore vulnerable to the checkm8 exploit. It also follows that Apple cannot fix the problem with a regular software update, as the T2 base operating system (SepOS) uses persistent memory for security reasons. But this is also a plus, since the vulnerability is actually not constantly active – to “activate” it requires a hardware component, for example, a specially created USB-C cable.
The vulnerability was discovered by an independent security researcher Niels H. He reported the find to Apple, but Apple did not respond. He also notes that the vulnerability exists in all Macs with a T2 chip and Intel processors. At the same time, it is possible that it also applies to some Apple smartphones and tablets, since they also use one of the components of the T2 chip and SepOS. But in the case of devices based on SoC Apple A systems, they use a different boot system, which possibly protects them from the described vulnerability.