Apple T2 chip security vulnerability disclosed

  • SpinRite Release Candidate #5 Posted
    Guest:
    Another heads-up for anyone who's interested in remaining current with SpinRite as it moves from pre-release to final v6.1. The DOS executable "SRPR.EXE" now being offered by GRC's pre-release page has been updated to Pre-Release #5. Only one error was found in RC4: When the log exceeded more than 113,359 lines, the oldest lines were not being discarded from the on-screen "scroll-back" buffer. That's fixed in RC5. Otherwise, so far as anyone knows, SpinRite 6.1 is finally ready for the world. This interim FAQ page has pre-release downloading details.
    /Steve.
  • Be sure to checkout “Tips & Tricks”
    Dear Guest Visitor → Once you register and log-in:

    This forum does not automatically send notices of new content. So if, for example, you would like to be notified by mail when Steve posts an update to his blog (or of any other specific activity anywhere else), you need to tell the system what to “Watch” for you. Please checkout the “Tips & Tricks” page for details about that... and other tips!

    /Steve.

iSecurityGuru

iSecurityGuru

Terence Kam
Sep 25, 2020
18
7
Sydney, Down Under (Australia)
isecurityguru.com
Anyone seen this report?

ironPeak

Let’s talk about that thing nobody’s talking about. Let’s talk about a vulnerability that’s exposing 2018-2020 Macs while most are declining to act nor report about the matter. Oh, and did I mention it’s unpatchable? Buckle up buckaroo, we’re in for a wild ride. Skip to #security-issues for the...
ironpeak.be ironpeak.be

Basically, there‘s a bug with Apple’s T2 chip that makes Mac vulnerable to Evil Maid attack. Since the T2 chip is the latest technology from Apple to secure their Macs, this means all Macs are currently vulnerable?

So far, no word from Apple...
 
It's real, and it's unfixable. Not sure if there is much more that can be meaningfully said.
blog.t8012.dev

Plug'nPwn - Connect to Jailbreak

Building on checkm8 and checkra1n, we demo real-world attack scenarios.
blog.t8012.dev

Apple doesn't own up to bad keyboard design, does anyone think they'll own up to a fatal security flaw that can only be fixed by doing a recall and desoldering and replacing a chip?
 
You must log in or register to reply here.

Similar threads

S
Desktop (endpoint) Log4J Vulnerability ?
Replies
2
Views
454
Security
EdwinG
EdwinG
P
Zyxel hard coded password vulnerability
Replies
1
Views
696
Security
Intuit
I
iSecurityGuru
Beware! Critical Apple bug wipes out passkeys
Replies
2
Views
557
Security
iSecurityGuru
iSecurityGuru
A
email security
Replies
16
Views
2K
Security
Lob
Lob
AzDayton
Space Security(?)
Replies
3
Views
721
Security
rfrazier
rfrazier
Top Bottom
Back