Does Apple T2 Chip Really have a Security Flow Which Can’t Be Patched?

Here is what Neils Hofmans from ironPeak says:

“The mini operating system on the T2 (SepOS) suffers from a security vulnerable also found in the iPhone X since it contains a processor based on the iOS A10 processor. Exploitation of this type of processor is very actively discussed in the /r/jailbreak subreddit.

So using the checkm8 exploit originally made for iPhones, the checkra1n exploit was developed to build a semi-tethered exploit for the T2 security chip, exploiting a flaw. This could be used to e.g. circumvent activation lock, allowing stolen iPhones or macOS devices to be reset and sold on the black market.

Normally the T2 chip will exit with a fatal error if it is in DFU mode and it detects a decryption call, but thanks to the blackbird vulnerability by team Pangu, we can completely circumvent that check in the SEP and do whatever we please.

According to Hofmans, this vulnerability can’t be patched. At the same time, he says it’s not a “persistent vulnerability”. This Hofmans claim means that a hacker would need a hardware insert, or a kind of “other attached component” like a malevolent USB-C cable, to take advantage of this vulnerability.

His report was continued as follows:

Once you have access on the T2, you have full root access and kernel execution privileges since the kernel is rewritten before execution. Good news is that if you are using FileVault2 as disk encryption, they do not have access to your data on disk immediately. They can however inject a keylogger in the T2 firmware since it manages keyboard access, storing your password for retrieval or transmitting it in the case of a malicious hardware attachment.

This report also contains information saying that Find My Mac feature for remote Apple Devices locking can be bypassed if you lost your Mac or it was stolen.

The blog also says that this vulnerability was reported to Apple more than once, but they did not respond. It looks like Apple isn’t going to release a public statement. Instead, the chances are, they will just develop a new patched T2 chip for the next Macs. According to the report, the bottom line is that "macOS devices are no longer safe to use if left alone, even if you have them powered down." Checkra1n jailbreak and checkm8 exploit are the tools used to brute-force a FileVault2 volume password, adjust your macOS installation, and load arbitrary kernel extensions. Once again, the report emphasizes that the physical access is the only way to accomplish that.

Other security expert Will Strafach has responded to this post via Twitter to calm things down about this issue:

• T2 is and has been vulnerable to checkm8, released in late 2019.
• What is proven: with physical access to such a computer and time to reboot into DFU to apply checkm8, one can boot arbitrary code on the T2.
• What is not proven: any sort of useful persistence. property lists on the Data partition could be modified, which is not great, but there is no evidence yet that one can persist unauthorized code through a full and proper reboot.
• There is a pretty big issue with the T2, but it seems important to gather precise facts about what is or is not a risk prior to putting info out there.

Strafach agreed with ironPeak’s statement that Apple was supposed to respond to this issue somehow. This is what he said:

“Apple should have really said something by now. I think it is causing more confusion by not directly addressing the matter.”

Bypass Mac T2 Software: Activation Lock, MDM, EFI, PIN

The CheckM8 Dev Team has developed a software for bypassing Activation, EFI firmware, System PIM and MDM Lock on Mac device with Apple T2 Security Chip.

• Bypass Mac iCloud Activation Lock Tool
• Bypass Mac MDM Lock Tool
• Bypass Mac EFI Firmware Lock Tool
• Bypass Mac System PIN Lock Tool