Agreed, the pre-2016 Macs were one of the best, I found in all truthfulness the 2012 rMBP to be the absolute best laptop I've ever owned.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple's T2 Chip Has Unpatchable Security Flaw, Claims Researcher [Updated]
- Thread starter MacRumors
- Start date
- Sort by reaction score
As someone with just a few posts, have a read of the thread, before jumping to conclusions.
Its not jumping to conclusions when the story mentions this:
I think its safe to say that there is a security flaw
Look… Apple decided to take hardware on, on their own, 100%. That means there is nobody else to pass the buck to when these problems come up, which they inevitably will.
Once they do that, they do NOT get to just simply say, “Hey, not our problem, this affects everyone”. Apple has to fix the problems, now and forever. Or else they take 100% of the blame for not doing so. This wasn't the case before. which is why we didn't see reactions like that before now.
If Apple thinks they've got this in hand, then let's see them do it. Hell, their hardware hasn't even come out yet, and they've already got a critical exploit to deal with. So yeah, let's hold their feet to the fire and make them deal with this—or are we going to decide that we don't care as long as we get to play Apple's approved version of Candy Crush 4 on the latest iMac Pro Plus?
the Mac is slowly dying because Steve Jobs said it would. He predicted consumers and industry would be moving to mobile devices.
So the person you should be mad at is Steve Jobs.... not Tim
What an extremely ignorant statement. Go learn about Meltdown, Spectre or RowHammer.
I'm typing this response on a 2009 Mac Pro, upgraded to 2x6 cores (firmware upgraded to 5,1) with 128GB of RAM and an RX580 running 10.13, and my laptop ain't much newer, so I'm having a hard time disagreeing with you there.
Isn’t there a potential software fix too? Apple could require user confirmation before allowing communications with any newly plugged in USB device, like we have on iOS.
I totally agree we should hold their feet to the fire to fix it without saying that Apple Silicone is a failure. The amount of companies that get pwned in the first 5 minutes of the annual hackathons are scary to think about but shows you how security is a never ending cat and mouse game. Luckily, Apple has been (for the most part) great at patching things as fast as possible even though I'd like to see them up their bounty in the future.
Still using mine even after I thought it was dead with liquid spillage, few days later and it was back working but battery is shot and needs be plugged in all the time.
Humans code stuff, humans circumvent the code humans wrote .... such is life.
Nonsense. Apple works relentlessly on security. Note that it's become increasingly hard for jailbreakers to find a method to jailbreak iPhones. Notice that the flaw in the T2 chip has already been fixed. And lastly, notice that intel's chips have had worse security issues. Only the most naive and uninformed person thinks 100% security is achievable. In the scheme of things, this isn't the worst risk, since it isn't an attack that can be performed remotely.
the Mac is effectively becoming iOS/iPad hardware as a new category. This particular security exploit requires physical access, so App store arguments are moot. No remote pwning.
you really just want to bash on Apple. Your arguments are baseless.
[automerge]1601986788[/automerge]
haters are contrarian and fact free. Typical.
I don't want to get into all the back and fourth over whose better or worse about anything but I will say that Apple will need to get more transparent on dealing with security issues now that own the whole thing.
No question but they do so behind closed doors, where most other organization do everything out in the open to allow others to review and try to break it. Without such peer review, there are inherent weaknesses that can creep in
Someone on a Mac news site being obnoxious about Mac users. Sadly even more typical. Hopefully at some point you'll actually grow up enough to be embarrassed about this kind of childish nonsense. Your post adds absolutely nothing of substance. From the fans about whom you sneer though, there are genuinely 3 valid defenses: 1) The attack can't be done remotely. 2) The vulnerability was already detected and fixed by Apple, so at least forthcoming chips should hopefully be immune. 3) The attack isn't persistent, so a reboot apparently purges it.
In the scheme of things, there are worse dangers out there. I'm talking about the T2 exploit, not you. About *you*, though... Robert Heinlein was specifically talking about people like you when he said: "I wonder how harmless such people are? To what extent civilization is retarded by the laughing jackasses, the empty-minded belittlers?"
Wow, that's damaging news. So I wonder when infected e-cigs are going to show up, infecting not only their users lungs, but their users computers. Who would plug that crap into their computer anyway. Nevermind... And 'no-data blocks' aren't sold in the same rack those e-cigs are sold. Oops...
The problem here is that this issue, if verified, isn't patchable. At least Intel's are.
That was my understanding too. If someone has physical access to my laptop, it's because it has been STOLEN.
I guess a lot of the people posting on here are highly-place spies and bioweapons researchers if their main concern after their laptops are STOLEN is the data on the hard drive.
Nobody cares about the data on my hard drive, least of all the person who STOLE it. They're going to bypass the security (if they can) to wipe it and sell it.
Have we already forgotten about Meltdown and Spectre, which affected intel cpus and AMD (to a lesser degree)? The problem I think is relying on unpatchable hardware for security. There is bound to be an exploit in any security system just waiting to be discovered. What makes or breaks is whether that system can be updated to address the exploit.
Not always...
Researchers discover that Intel chips have an unfixable security flaw
Security researchers have discovered another flaw in recent Intel chips that, while difficult to exploit, is completely unpatchable. The vulnerability is within Intel's Converged Security and Management Engine (CSME), a part of the chip that controls system boot-up, power levels, firmware and...
www.engadget.com
Apple has a security bounty program, so compensation is provided.