3 comments

[ 23.2 ms ] story [ 773 ms ] thread
We generally assume that an attacker with physical access is going to win, but there are limits on that - the usual assumption is that it's going to take some time, and potentially leave evidence that can be picked up with enough attention to detail (such as screws not being in precisely the same alignment). This attack violates all of that - there's no physical modification of the machine, and it takes under a minute. That's the difference between an attack where you know the machine has left your control for some time and an attack that can take place while you're momentarily distracted.

The lack of response to this from Apple is deeply disappointing. The attack isn't technically persistent - rebooting the T2 will clear it. But the T2 doesn't reboot when the host OS does, and Apple haven't published any guidance on how to guarantee that it has been (eg, does holding the power button down for long enough cut power to the T2? Does performing an SMC reset? Both seem to, but is that guaranteed to be the case if the T2 is running malicious code?). In addition, the Blackbird SEP exploit probably means that we have to assume that all secrets kept in the Secure Enclave can be stolen - but we don't have a full enumeration of what those typically are, or what the security impact of this is as a result.