Yikes.

Also, I find it extremely disappointing that every time a security researcher voluntarily notifies Apple of such threats—be they patchable or otherwise—and after no doubt spending a lot of their own time uncompensated researching them, the response from Apple is always silence; or (if you’re lucky) a long, protracted delay before they even acknowledge your effort with a reply.

That’s quite pathetic really. The least they could do is get someone to call this guy personally to thank him and assure him that it’s being looked into. Perhaps even keep him in the loop on progress. From a public relations perspective that is the right thing to do. And Apple wonders why some people just go straight to the media instead! I don’t feel motivated to bug-test for Apple because of this.

But by the looks of things there’s nothing they can do and our Macs aren’t as secure as Apple claimed!

Work that Apple does to fix security issues can and should happen behind the scenes. It’s not information that in any way helps the problem to disclose publicly. You think putting out a flowery “we are working on the problem” statement somehow makes things better?
It reminds me of the old statement about the CIA... “Our failures are known, our successes are not.”
 
I hope this can somehow be fixed. If not, I literally have no choice but to switch to PC. Due to compliance requirements with my profession, I need reliable hardware based encryption. The T2 is perfect for my needs, barring a massive exploit.
 
Apple has a security bounty program, so compensation is provided.

I know about that, but it wasn’t mentioned if the person had applied or if they qualify.

I’m guessing that, given the bug is claimed to be an unpatchable design flaw, it doesn’t qualify. I have a feeling that only bugs that can be patched and fixed qualify for that program.
 
I hope this can somehow be fixed. If not, I literally have no choice but to switch to PC. Due to compliance requirements with my profession, I need reliable hardware based encryption. The T2 is perfect for my needs, barring a massive exploit.

Two things:
1) This only affects the hardware-level T2 encryption. It does not affect FileVault software-level encryption.
2) It requires someone to have physical access to your machine to connect a device, and a simple restart seems like it would resolve this until the hardware attack was repeated.
The risk of data loss seems to hover around zero unless you are known to have classified information on your machine and are not taking physical security measures to protect it.
 
I miss the Mac vs PC commercial days where Macs were immune to this sort of stuff. (Honestly, they still are if you don't visit suspect websites or open suspicious attachments/emails.)
 
That is not a real problem. Apple will declare all Macs with a T2 chip obsolete. After that you’ll buy a new Mac - problem solved ...
 
I miss the Mac vs PC commercial days where Macs were immune to this sort of stuff. (Honestly, they still are if you don't visit suspect websites or open suspicious attachments/emails.)
Yes - I really would love to see those ads again. Here is the plot:
- PC appears; PC lost weight, seems fitter than ever before
- Mac appears
- Mac carries a ton of adapters and loses some adapters while approaching
- PC says “Hi, I’m a PC”
- Mac searches for a speech adapter but fails
- Finally Mac lets Siri say “and I’m a Mac”

....
 
If you want MacOS to become nothing more than “iOS Pro”, and you just plan to upgrade every time Apple tells you it's time to put the “latest and greatest” on THEIR computer, then that's on you I guess.

First you tell us Apple silicon will be bedridden with security issues.
Then you complain that these will go unpatched.
And finally you're against updating to the latest version that patches those very vulnerabilities.

So you will only go for a 100% perfect product that will never have a single issue, even in the future, from the get go?

Do you even plan on using any electronic device in the near future?
 
I could buy a Mac Mini with the issue at a 20% discount, since I could only buy cables from the official Apple store.
 
Did the image for this article change from a normal T2 chip to a "broken" one? Or am I tripping..?
 
So, we have a blog post that claims there's an issue, but fails to describe in detail how this actually works, let alone a full demonstration of it. It's written by Niels Hofmans, who is a "security researcher", has a Bachelor degree in "Applied IT, Field of Study: Network and System Administration/Administrator" with zero peer reviewed publications. But he will of course offer his consulting services for which you have to pay. Back in the day, we called these people "script kiddies". 😴

Move along, there's nothing to see and these are not the droids you're looking for. I understand the basic idea, which could lead to a typical security flaw that can be reproduced in a lab, similar to the frozen RAM attack a few years back. From a practical point of view, nothing to worry about. And if your Mac is stolen and people try to access your data, then it's encrypted, so this doesn't work either.
 
And yet those exploits get fixed or patched, because if they didn't bother with it there is always a competitor nipping at their heels, not to mention a bunch of lawsuits waiting for them.

A fix was produced for those, but in reality the vast majority of affected computers are not fixed. Those exploits required a firmware update, which means every single PC vendor had to create an update to their custom firmware. The problems with this are:
  • Many smaller vendors did not make a firmware update available at all.
  • Major vendors provided firmware updates, but in many cases not for older models, some just a few years old. So models from major PC vendors are still affected.
  • Even if you have a firmware update for your model, how many typical users actually do firmware updates for their PC? Almost none. Ask your aunt about the last time she updated her BIOS or EFI--yeah, right.
  • Even if you have a major vendor PC and a new enough model they provided a firmware update, and you did the firmware update, there was a huge performance loss in many cases. Terrible fix.
  • On top of all that, the vulnerability was very, very serious because it could be activated remotely via javascript on a website.
So the bottom line is that those Intel exploits can still attack most computers with the vulnerability, and remotely, and simply by visiting a compromised website.

Apple's vulnerability on the other hand isn't a big deal at all. Taking advantage of it requires physical access to the computer. In my opinion and that of every security expert I know, someone with physical access can hack the computer, period. There are so many other in-person vulnerabilities (Thunderbolt, USB, etc.) anyway that another one just adds to the existing pile.

My friend at Microsoft working security is not allowed to use his laptop if it ever leaves his control. For example if he takes a flight and security looks at it in front of him, all is fine. However, if security takes it to a private room or even just around the corner where he cannot see it, he cannot use the laptop when it is returned to him. It is considered burned.
 
This reads like complete bs. Show a video of the exploit in action or all bs.
Click-bait farming, pissing me off.
 
But 100% of their ability to manage issues has to do with controlling the software ecosystem. How many iOS jailbreaks have gone unfixed except by forcing an OS update—that then cannot be reverted?

You're talking as if Intel has patched all of their known exploits.

If you want MacOS to become nothing more than “iOS Pro”, and you just plan to upgrade every time Apple tells you it's time to put the “latest and greatest” on THEIR computer, then that's on you I guess.

Sure in the enterprise level, they stay a couple of major versions behind, but Apple has always released major security updates for the past few OS releases. But if you're talking from a consumer point of view, you're in the extreme minority when you're saying you don't want to upgrade to the next version of OS.
 
I think you've hit on exactly the reason why Apple is moving to Apple Silicon. Keeping up with the industry is just way too expensive. Let's imagine what happens during a typical Apple board meeting:

Apple Chief of Security: We've discovered a major flaw in our hardware. We should patch it right away.

Apple Director of Marketing: Oooooorrrr… we can just tell everyone to upgrade to the latest and greatest hardware, and if they don't it's on them for not taking security seriously!

Apple Chief of Security: We have a responsibility to our customers…

Tim Cook: Let's just do what makes us the most money. Hey, aren't you security guys supposed to be handling Lost and Found? Because I'm pretty sure I lost a Bentley with a trunk full of $100 bills the other week, and I need you guys to go find that instead of worrying about nonsense like Mac exploits that's doing nothing but putting a dent in our bottom line.

Alternatively:
Intel: Lol I dunno, we can't fix CVE-2019-0090. Just disable that problematic feature and/or buy our new chips to fix it cause we're not doing too well so we need more sales.
Microsoft: But we already told our customers that their Intel devices are going to run slower because of the patches for the other exploits.
Intel: Cha-ching.

Your argument doesn't really hold up here.
 
It’s not patchable. It’s in the read only part of the chip.
That just means the code in the chip can’t be changed. The original Mac had code in ROM and errors in that code were patched at runtime. We don’t know if this is patchable or not until Apple speaks.
 
I think everyone is downplaying the severity of this issue. The T2 exploit, if proven, is persistent until a full reboot of the system occurs, not until the external hardware is removed.

Imagine the situation where you're sitting in a coffee shop using your computer, and you get up to get something from the café. An attacker only needs 5 to 10 seconds with your machine to exploit it whilst you're not there looking at it. Once they've done that, the entire machine has been compromised. When you return and enter your password for your account, a keylogger in the T2 can capture your password and later use it for FileVault and Keychain decryption. And because the network connection is also accessible to the T2 chip, they can then use this to exfiltrate any file, login credential, fingerprint data, or anything they're interested in off of your computer, via the internet, without a single sign that your machine has been tampered with. All this from 5-10 seconds of unmonitored access to your machine.

Sure, the machine can be uncompromised with a reboot, but how often do we actually shut down or reboot our macOS-based machines, rather than just shutting the lid? Further, the T2 chip can continue to operate even whilst the lid is closed, potentially waking up the machine via ACPI commands, connecting to a WiFi network, and downloading further malware onto the machine, whilst you think it's asleep in your backpack.

What's worse is that this exploit, as alluded to in the article, is likely present in the boot ROM, an area that is burnt into the chip at the factory and cannot be modified. Think of it like the exploit of the NVIDIA Tegra X1 that caused the first batch of Nintendo Switch units to have a permanent "jailbreak" that couldn't be patched.

That just means the code in the chip can’t be changed. The original Mac had code in ROM and errors in that code were patched at runtime. We don’t know if this is patchable or not until Apple speaks.

The issue here is that the T2 is the first thing to run in the entire system. It is literally the root of trust in any T2-based Mac. Once macOS has booted, it's too late. There is nothing they can do to mitigate the exploit in the operating system.


A fix was produced for those, but in reality the vast majority of affected computers are not fixed. Those exploits required a firmware update, which means every single PC vendor had to create an update to their custom firmware.

This is not true, at least for Windows and (most) Linux-based operating systems. Both Spectre and Meltdown were patched via microcode updates; these are delivered directly from Intel themselves via Windows Update or packages from distribution repositories, and are applied directly to the CPU from there. They do not need vendor intervention to deploy these patches.

What vendors can do, however, is ship a patched version of microcode with their BIOS/firmware, so that even before Windows or Linux is installed and updated, the microcode in the CPU is patched. Like you said, this is up to each vendor to deploy, however the vast majority of users will have received the patched microcode via Windows update or other OS update methods.

So the bottom line is that those Intel exploits can still attack most computers with the vulnerability, and remotely, and simply by visiting a compromised website.

This is also only partially accurate these days. The original exploit relied on the extremely precise timestamp resolution available via specific APIs in browsers to do cache timing analysis. When the exploit was originally revealed, these APIs were patched by browser vendors to intentionally "knee-cap" the available resolution of these timestamps to prevent their use for timing analysis, while still providing more than enough resolution for web developers' needs.

For Meltdown and Spectre to be effective from "simply visiting a compromised website", you'd need to be running a browser version from before the era of these exploits as well as an unpatched CPU, kernel and operating system. Internet Explorer and Microsoft Edge do/did not expose an API for these high-resolution timers, so they are not affected. Chrome and Firefox both have aggressive update mechanisms, so most users will be on "patched" versions. I'm not aware whether Safari exposed these high-resolution timer APIs, but I suspect it has been patched also if it did.
 
I think everyone is down playing the severity of this issue.
It’s not an “issue” yet. It is an unsubstantiated claim. We should wait for independent confirmation. Right now people are just jumping to conclusions.
 