Is the cMP EFI vulnerable to attack?

Discussion in 'Mac Pro' started by Squuiid, Sep 29, 2017.

  1. Squuiid macrumors 6502a

    Squuiid

    Joined:
    Oct 31, 2006
    #1
  2. Artakamoose macrumors newbie

    Joined:
    Dec 4, 2016
    Location:
    Bay Area
    #2
    From my limited understanding of these vulnerabilities, most of them require Thunderbolt, which the cMP does not and will never have. I'm not sure about CVE-2015-7035 though.
     
  3. William_si macrumors regular

    William_si

    Joined:
    Apr 4, 2016
    Location:
    Croatia
    #3
    A Mac Pro has exposed PCIe, no chassis intrusion detection and a server chipset.

    You can hotplug PCIe and get DMA access.

    The Mac Pro is by default affected by this, without any EFI hacks exploiting PCIe via TB.

    Aside, Firewire is DMA based and even less secure.
     
  4. chrfr macrumors 603

    Joined:
    Jul 11, 2009
    #4
    The one mitigating factor is that the EFI firmware on the Mac Pro is so tiny that it can't be written without going through a special firmware update process. Newer computers can automatically update the firmware when software updates are applied.
     
  5. devon807 macrumors 6502

    devon807

    Joined:
    Dec 31, 2014
    Location:
    Virginia
    #5
    So all in all, in the case of the cMP, someone would have to physically have access to the system to execute these attacks?
     
  6. AidenShaw macrumors P6

    AidenShaw

    Joined:
    Feb 8, 2003
    Location:
    The Peninsula
    #6
    In general, physical access to a system trumps all other attempts at security. And remote access to the "physical" console is equivalent.

    If I can boot into "safe mode" or "single user mode" - I have full control over the system and can bypass any security that's in place.
     
  7. ActionableMango macrumors 604

    ActionableMango

    Joined:
    Sep 21, 2010
    #7
    All three of the attack methods listed in the articles require Thunderbolt, so I'd say that cMPs are not vulnerable and therefore no fix is needed to address them.
     
  8. thornslack macrumors regular

    Joined:
    Nov 16, 2013
    #8
    I'm not sure that's a safe conclusion to jump to. The one article states "...firmware exploits are currently considered to be on the bleeding edge of computer attacks. They require large amounts of expertise, and, in many—but not all—cases, they require brief physical access to the targeted computer."
     
  9. ActionableMango macrumors 604

    ActionableMango

    Joined:
    Sep 21, 2010
    #9
    I was only speaking in the context of the three methods specifically listed in the article, all of which require a Thunderbolt port which the cMP lacks.

    The context of unspecified cutting-edge EFI attacks is a very different case since they are inherently unknown. But in any case, almost every computer is vulnerable to attack via physical access and that won't change with a firmware update. The only safeguard in that scenario is to secure physical access.
     

Share This Page