Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Artakamoose

macrumors member
Dec 4, 2016
53
38
Bay Area
From my limited understanding of these vulnerabilities, most of them require Thunderbolt, which the cMP does not and will never have. I'm not sure about CVE-2015-7035 though.
 

William_si

macrumors regular
Apr 4, 2016
188
55
Croatia
A Mac Pro has exposed PCIe, no chassis intrusion detection and a server chipset.

You can hotplug PCIe and get DMA access.

The Mac Pro is by default affected by this, without any EFI hacks exploiting PCIe via TB.

Aside, Firewire is DMA based and even less secure.
 

chrfr

macrumors G5
Jul 11, 2009
13,648
7,191
Can anyone with some EFI expertise comment on the following report?

https://duo.com/blog/the-apple-of-your-efi-mac-firmware-security-research
https://arstechnica.co.uk/information-technology/2017/09/macs-firmware-hacks/

It would appear as though our beloved cMPs are on the list of vulnerable EFI firmware with no hope of a fix.
The one mitigating factor is that the EFI firmware on the Mac Pro is so tiny that it can't be written without going through a special firmware update process. Newer computers can automatically update the firmware when software updates are applied.
 

devon807

macrumors 6502
Dec 31, 2014
372
95
Virginia
So all in all, in the case of the cMP, someone would have to physically have access to the system to execute these attacks?
 

AidenShaw

macrumors P6
Feb 8, 2003
18,667
4,677
The Peninsula
So all in all, in the case of the cMP, someone would have to physically have access to the system to execute these attacks?
In general, physical access to a system trumps all other attempts at security. And remote access to the "physical" console is equivalent.

If I can boot into "safe mode" or "single user mode" - I have full control over the system and can bypass any security that's in place.
 

thornslack

macrumors 6502
Nov 16, 2013
410
165
I'm not sure that's a safe conclusion to jump to. The one article states "...firmware exploits are currently considered to be on the bleeding edge of computer attacks. They require large amounts of expertise, and, in many—but not all—cases, they require brief physical access to the targeted computer."
 

ActionableMango

macrumors G3
Sep 21, 2010
9,612
6,909
I'm not sure that's a safe conclusion to jump to. The one article states "...firmware exploits are currently considered to be on the bleeding edge of computer attacks. They require large amounts of expertise, and, in many—but not all—cases, they require brief physical access to the targeted computer."

I was only speaking in the context of the three methods specifically listed in the article, all of which require a Thunderbolt port which the cMP lacks.

The context of unspecified cutting-edge EFI attacks is a very different case since they are inherently unknown. But in any case, almost every computer is vulnerable to attack via physical access and that won't change with a firmware update. The only safeguard in that scenario is to secure physical access.
 
  • Like
Reactions: h9826790
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.