MacInTouch Amazon link...

Apple security and privacy

Channels
Apple, Security
Yesterday's experience with Apple security updates wasn't great:
  1. Boot into High Sierra (on 2017 iMac 5K), download Mojave installer via Mac App Store.
  2. Run installer — it takes a long time and appears to be successful.
  3. macOS 10.14.6 update needs to be installed.
  4. Update ends with iMac powered on but screen blank.
  5. Leave overnight. Same situation in the morning.
  6. Power off, then back on, using power button.
  7. Boot
  8. Checking System Information:
    1. macOS 10.14.6 (18G87)
      Boot ROM Version: 175.0.0.0.0
      SMC Version (system): 2.41f1
    2. macOS 10.14.6 Update is listed twice under Installations (5 minutes apart); macOS installs are not listed
  9. Checking SilentKnight, MRT needs an update and CompatibilityNotificationData_10_14-1.0.6 is listed as pending
  10. Have SilentKnight Install All Updates; it then reports:
    Latest updates installed:
    XProtect 2019-05-02 01:53:46 +0000 : 2103
    Gatekeeper 2019-08-01 01:25:08 +0000 : 175
    MRT 2019-08-09 12:15:22 +0000 : 1.47
Is it possible that the auto update was on and downloaded a prior version before you thought you were downloading from Apple fresh? I always tell my clients to go into the applications folder and delete any installer in that folder first. Then download fresh and this does not occur in my experience.
 



No, I routinely disable auto-update, and the actual download took a long time (i.e. it took as long as expected for a large, standalone installer).
In your case there may indeed not have been a downloaded update already, but disabling auto-update does not disable auto-downloading updates. Auto-downloading needs to be disabled separately.
 


Ric Ford

MacInTouch
In your case there may indeed not have been a downloaded update already, but disabling auto-update does not disable auto-downloading updates. Auto-downloading needs to be disabled separately.
Yes, I realize that and disable both, since it's all too easy to get tricked into starting an update that has already been downloaded, and I got burned badly by that once: Apple installed a whole new macOS and filesystem when I inadvertently clicked a misleading "update" button, creating a major mess that took many hours to recover from. (In fact, I still have some lingering problems on an account from that disaster, as I didn’t have a full backup of that system.)
 


I’ve finally gotten to the far side of the most difficult hardware upgrade and program/data transfer, from old machine to new, that I’ve ever dealt with in 40 years of computing....

I won’t waste everyone’s time on the details, other than to say that it took over three weeks, and one of the truly rotten things at the root of the difficulty was AgileBit’s new Version 7 of 1Password. I strongly suggest that everyone who has, or is considering, the program as a logon/private info storage utility re-think your strategy.

As a result of the horrible service and... “infection” that 1Password represents, I went on a six-program expedition trying to find a replacement. I suppose I could do a review of how bad five of the six are, but suffice it to say that I’ve settled on Secrets from Outer Corner. It’s a small ISV [independent software vendor] from Portugal that has the chief benefits of decent usability, excellent encryption, and you keep your data on your own computer. If you wish to share it with your other devices, it is easily done through iCloud. (The other vendors only offer an online “cloud-based” password keeping solution.)

Having finally gotten things working, I went back yesterday to do a clean install of macOS 10.14.x on the older 2015 iMac 27”. Using DiskmakerX made the task relatively simple. I brought the clean installation up so that the new owner would be able take over and put her/his credentials on it. I’ve done this a number of times prior to sale of a machine. The buyer gets the new machine with a root account of user and a password of password. They then set it up to their satisfaction. As the new install came up, I again encountered the orders to transfer your data (declined), provide your email address (declined), provide your Apple ID (declined). Then it went off the rails.

In the past you’ve always been able to select, “Set the account up later.” Now there is no such option. If you claim to not have an Apple ID then it demands - and will not give you access to your machine until you do - that you create one. In trying to get around that - obviously I don’t want to put my ID on it, that’s for the new owner - it got to the point where I started trying to build a dummy ID. The next step stopped me, terrified and cold.

The first question to establish the account was the demand that I provide my date of birth. The message in its entirety was as follows:
Apple said:
Your birthday is used to determine which services to set up on this Mac. Select your birthdate below.
Two screens before this, there had been a long screed from Apple about your (my) inalienable right to privacy, yet I can not use this personal tool unless I give fundamental information about myself. Further, Apple will make decisions about the functionality of my bought-and-paid-for device based upon my age? This is in direct violation of Federal proscriptions against age discrimination.

What possible differences in the use of my computer would exist if my birthday were August 1, 2010 or August 1, 1940? More important, even if there are useful distinctions based upon a person’s age, Apple has utterly no standing to make decisions for any human being based upon her/his age, or for that matter, any other personal demographic. (If I identify myself as “handicapped” does it then force the machine into some accessibility mode? Does gender make a difference? Then we begin down the horrifying spiral: ethnicity, language, religion, political persuasion, coffee: black or with cream?)

A valid analogy would be if I wished to buy a new vehicle. The first thing the salesman asks is my age. “You’re too young/old for a sports car. You really aren’t classy enough for a Mercedes so here’s a nice little mini-truck. I can give you a hell of a deal, but only today!”

I rarely waste energy on outrage, because there is so much idiocy loose in our world these days, but I can’t shrug this off. Has anyone else encountered this? Does anyone have a clue why/what/who/how?

I backed up to the “Give us your analytics” page and shut the machine off. Clearly, in the Apple corporate mind, the tool is not a blank device that I - and only I - have control of and will employ in whatever manner I choose. Apple will “…determine which services to set up?” I don’t think so.

I invite others more familiar with the Apple/corporate “reality” to suggest why this is so and more to the point, how do I get around these outrageous demands?


#security #privacy #apple #mojave #install #1password
 


Ric Ford

MacInTouch
... I invite others more familiar with the Apple/corporate “reality” to suggest why this is so and more to the point, how do I get around these outrageous demands?
I think Apple has made it pretty clear why it's doing what it's doing nowadays, and I've made clear some of my thoughts about that. In essence, Apple has decided that its role is to define, manage, track, analyze, control and monetize all our interactions with the world at every possible level and detail while leveraging its astounding weath in developing artificial intelligence systems fed with detailed, extremely personal data from more than a billion customers. (What could possibly go wrong?)

As for practical workarounds for the immediate problem, I'd suggest clean-installing macOS 10.12 or Linux. Actually, why not zero the disk then install from Recovery mode and leave it at that stage for the next owner to set up?
 


Apple will make decisions about the functionality of my bought-and-paid-for device based upon my age? This is in direct violation of Federal proscriptions against age discrimination. What possible differences in the use of my computer would exist if my birthday were August 1, 2010 or August 1, 1940? More important, even if there are useful distinctions based upon a person’s age, Apple has utterly no standing to make decisions for any human being based upon her/his age, or for that matter, any other personal demographic.
My guess is that this is related to how the system might set up an Apple ID and iCloud services in the context of the COPPA law in the US and similar laws elsewhere that are aimed at protecting children under the age of 13.
 


I won’t waste everyone’s time on the details, other than to say that it took over three weeks, and one of the truly rotten things at the root of the difficulty was AgileBit’s new Version 7 of 1Password . I strongly suggest that everyone who has, or is considering, the program as a logon/private info storage utility re-think your strategy. As a result of the horrible service and... “infection” that 1Password represents, I went on a six-program expedition trying to find a replacement.
I've been a very satisfied user of 1Password since version 3. May I ask what your problem was with version 7? What “infection” does 1Password represent?
 


I think I said that ordinary users should install whatever their OS distribution supplies, but organizations maintaining a custom distribution should do this kind of research.
As an individual user, I take all the daily, and sometimes more frequent, updates that flow through the software update service of the Ubuntu-based Linux distributions I'm running.

Not so much on Mac, because I have "automatic updates" turned off. There have been enough reported problems with Apple updates that I like to read on MacInTouch that they're okay to install before doing so. Very recent example where that worked out: the 2019-004 updates Apple issued, pulled, fixed, then re-issued.

Because I have automatic updates off, I'm pretty sure my connected Macs aren't getting Apple's secret channel updates, either. And as to those, since they're "secret," and install in the background, how's even a sophisticated IT department to evaluate them. (Do they get special memos from Apple?)

We're on the verge of an Apple software extinction event thanks to "updates."
Quote Investigator said:
May You Live In Interesting Times
His heart ached as he witnessed how the Yuan troops wreaked havoc in the land every day, like gusts of wind blowing dead leaves before them. Truly,
Far better to be a dog in days of peace
Than to be a human in times of war.
 


Ric Ford

MacInTouch
Because I have automatic updates off, I'm pretty sure my connected Macs aren't getting Apple's secret channel updates, either.
Using macOS Sierra as my example, this may be a viable approach:
App Store Preferences said:
Automatically check for updates
☐ Download newly available updates in the background
☐ Install app updates
☐ Install macOS updates
Install system data files and security updates.​
☐ Automatically download apps purchased on other Macs
I like SilentKnight as a workaround to this problem:
And as to those, since they're "secret," and install in the background, how's even a sophisticated IT department to evaluate them.
 


Ric Ford

MacInTouch
Ooops:
Motherboard said:
Hacker Releases First Public Jailbreak for Up-to-Date iPhones in Years
... Security researchers found this weekend that iOS 12.4, the latest version released in June, reintroduced a bug found by a Google hacker that was fixed in iOS 12.3. That means it’s currently relatively easy to not only jailbreak up to date iPhones, but also hack iPhone users, according to people who have studied the issue.
Sophos said:
Apple iOS update ends in jailbroken iPhones (if that’s what you want)
... According to reports, the current jailbreak doesn’t work on the very latest iDevices.

Apparently, devices using Apple’s new A12 processor aren’t affected -so you can relax – for now, at least – if you have an iPhone XS, iPhone XS Max, iPhone XR, iPad Mini (2019) or iPad Air (2019).

The rest of us are vulnerable.

One obvious suggestion is “roll back to 12.3”, but there are two reasons not to do so: firstly, 12.4 fixed a lot of other potentially serious holes at the same time as accidentally re-enabling SockPuppet; secondly, Apple won’t let you.
 


Ric Ford

MacInTouch
Apple has been issuing more confusing security updates:
Eclectic Light Co. said:
Apple has pushed an update to Gatekeeper’s data with two version numbers again
Apple has pushed an update to the data used by Gatekeeper, bringing its version number to 179, dated 19 August 2019. The last update had taken it to 175. Versions 176 and 177 don’t appear to have been released, and although the installer insists that this update is actually version 178, the bundle version installed is actually 179.

Apple provides no details as to what changes this update brings, but it is normally expected to include recent revocations of security certificates used in signing software.

Apple has pushed another update to MRT
Apple has pushed an update to MRT bringing its version to 1.48 dated 15 August 2019. Apple provides no details as to what changes this brings.
 


DFG

Well, after reading this I rushed to upgrade my iPhone 5S to 12.4 and then tried the unc0ver jailbreak. Unfortunately, it does not work. It never progresses past step 2/31, then it restarts. If I run it again, the same thing happens. I read all the FAQs I could find and still could not make it work...
 


I have had the same problem if I connect my iPhone 6s by wire to my Mac while iTunes is running. If iTunes is running, 100% of the time there is a query — do I want to trust this Mac? If iTunes is not running, then connect-by-wire works fine.
It hasn't been 100% of the time, but I've also had the sense that I am being prompted much, much more frequently in recent weeks than in the past to "trust this Mac." I don't think it started when I updated to iOS 12.4. Perhaps it was after the last round of Sierra security updates, but I'm not certain.
 


Well, after reading this I rushed to upgrade my iPhone 5S to 12.4 and then tried the unc0ver jailbreak. Unfortunately, it does not work. It never progresses past step 2/31, then it restarts. If I run it again, the same thing happens. I read all the FAQs I could find and still could not make it work...
In this day and age, why would anyone want to jailbreak their iPhone? In my opinion, the security risks far exceed any additional capabilities.
 


Well, after reading this I rushed to upgrade my iPhone 5S to 12.4 and then tried the unc0ver jailbreak. Unfortunately, it does not work. It never progresses past step 2/31, then it restarts.
Undedimus was updated to v3.5.5 on Thursday, August 22nd, so you might want to try that if you are dead set on jailbreaking, recognizing that may well open you up to serious malware infections that are sure to appear in-the-wild shortly.
 


Ric Ford

MacInTouch
The Apple laughs just keep coming...
Eclectic Light Co. said:
macOS Mojave 10.14.6 Supplemental Update take 2 is now available
If you thought that we’d already installed Mojave 10.14.6 Supplemental Update, here’s yet another go at it, with some additional fixes: available now through Software Update is Mojave 10.14.6 Supplemental Update take 2...
The Verge said:
Apple issues a quick fix for a fix that was unfixed
Apple pushed out a software update today to repair a problem that it had previously patched — and then somehow unpatched. Update 12.4.1 introduces a fix for a vulnerability in which, according to Apple, “a malicious application may be able to execute arbitrary code with system privileges” — a fix that was originally introduced back in May, and removed in June.
Mr. Macintosh said:
Apple Today Released macOS Mojave 10.14.6 Supplemental Update #2 (18G95)
Apple has now released two Supplemental updates for macOS Mojave 10.14.6. The first macOS Mojave 10.14.6 Supplemental Update #1 (18G87) was released on August 1st. You can take a look at what was included inside the first Supplemental Update in the link below. The second one, which was released today is called macOS Mojave 10.14.6 Supplemental Update #2 (18G95). Apple does not call the updates #1 or #2, but I am, so you can understand that two different Build Versions are out there.
#applequality #appleconfusion
 


… I went back yesterday to do a clean install of macOS 10.14.x on the older 2015 iMac 27”. … I brought the clean installation up so that the new owner would be able take over and put her/his credentials on it. I’ve done this a number of times prior to sale of a machine. The buyer gets the new machine with a root account of user and a password of password. They then set it up to their satisfaction. As the new install came up, I again encountered the orders to transfer your data (declined), provide your email address (declined), provide your Apple ID (declined). Then it went off the rails.
In the past you’ve always been able to select, “Set the account up later.” Now there is no such option. …
I rarely waste energy on outrage, because …
… how do I get around these outrageous demands?
Consider Step 6 in the Apple Knowledge Base article, What to do before you sell, give away, or trade in your Mac.
 


Ric Ford

MacInTouch
This was a bit of a surprise:
BBC News said:
Google finds 'indiscriminate iPhone attack lasting years'
Security researchers at Google have found evidence of a “sustained effort” to hack iPhones over a period of at least two years.

The attack was said to be carried out using websites which would discreetly implant malicious software to gather contacts, images and other data.

Google’s analysis suggested the booby-trapped websites were said to have been visited thousands of times per week.

Apple told the BBC it did not wish to comment.
Malwarebytes said:
Unprecedented new iPhone malware discovered
A post by Ian Beer of Google Project Zero released late yesterday evening sent the security community reeling. According to Beer, a small set of websites had been hacked in February and were being used to attack iPhones, infecting them with malware. These sites, which see thousands of visitors per week, were used to distribute iOS malware over a two-year period.
BleepingComputer said:
Google Warns iPhone Users of Data-Stealing Malware Attacks
... In total, the Google security researchers found 14 iOS vulnerabilities being exploited as part of the five unique exploit chains, five impacting the kernel, seven the iPhone web browser, and two sandbox escapes.

One of the five exploit chains abused CVE-2019-7287 and CVE-2019-7286 which, at the time, were zero-day vulnerabilities. These got patched by Apple on February 7 as part of the out-of-band iOS 12.1.4 release after the researchers reported their discovery on February 1.

... The victims would get infected immediately and "en masse" after visiting the hacked websites used by this campaign, with malicious implants being dropped, installed, and launched on the visitors' vulnerable iPhones.
Sophos said:
Sophisticated iPhone hacking went unnoticed for over two years
... In a blog this week Beer has offered the more alarming backstory to their discovery and its potential threat.

Several months of analysis later and it seems these flaws were part of a haul of fourteen vulnerabilities abused by the group behind the attacks discovered by Google.

Affecting iOS 10.x, 11.x, and 12.x, seven related to the Safari browser, five the iOS kernel, plus two sandbox escapes. Most of these had been patched over time but the two reported to Apple above were zero days, hence the company’s rush to get 12.1.4 out only days after Google told them about the issue.

Google isolated five unique exploit chains – campaigns run over time using different combinations of flaws – one of which dated back to late 2016.

The exploit chains were used against visitors to a small group of websites hacked as part of a ‘watering hole’ campaign (where sites frequented by target individuals are hacked to serve exploits).
 


Ric Ford

MacInTouch
Here's a TidBITS take on a huge privacy/security issue with formerly secret Apple Siri operations:
Josh Centers said:
Apple Announces Siri Privacy Reforms
The Apple world was stunned last month when a whistleblower revealed that Apple contractors were listening to recorded Siri interactions, a process Apple calls “grading” and that is intended to improve Siri interactions (see “Apple Workers May Be Listening to Your Siri Conversations,” 29 July 2019). It’s a common industry practice—Amazon, Google, and Microsoft all do it to improve their respective voice assistants—but Apple users had assumed that Apple’s stance that privacy is a fundamental human right would preclude such clearly creepy behavior.

Apple quickly suspended the program and told TechCrunch that it would be making changes (see “Apple Suspends Siri’s “Response Grading” Eavesdropping,” 2 August 2019). Now Apple has apologized formally...

... Apple is doing the right thing here, but it’s regrettable that it took a whistleblower to prompt this change. That fact alone damages Apple’s privacy-focused image.
 


Here's a TidBITS take on a huge privacy/security issue with formerly secret Apple Siri operations:
I wonder how important human monitoring is to quality control for Siri, and similar speech-based systems. Human monitoring of actual speech samples is one way to check that Siri is interpreting speech correctly, and because context is important to understanding speech, the people would need to listen to significant parts of the conversation, with an obvious impact on privacy. What alternatives exist and how good are they?
 


I wonder how important human monitoring is to quality control for Siri, and similar speech-based systems. Human monitoring of actual speech samples is one way to check that Siri is interpreting speech correctly, and because context is important to understanding speech, the people would need to listen to significant parts of the conversation, with an obvious impact on privacy. What alternatives exist and how good are they?
There is no alternative. Machine learning won't work unless you provide feedback as to what it got wrong. Some things have to be marked as 'correct' and others as 'wrong'. How it figures out how to classify into each 'bucket' is the learning part that is automated.

The 'alternative' is more when to do sample monitoring, not zero sample monitoring. For one thing, they can do more proactive monitoring when the user thinks they screwed up. For example, in the voicemail translations on iPhone, sometimes there is a question of whether the translation was "useful or not". If you give folks an option, they can decide what is innocuous enough to send back. Could do something similar with "Hey Siri, that last translation was bad, fix it."

If you have 50 million users, and 0.01% of them proactively report "bad outcomes" per day, then that's 5,000 samples to evaluate. If you assign 1,000 per analyst per day, that's still 5 people doing grading. (At 0.1%, 50 people. If in the single-digit percentage range, then you have lots of work to do. )

Random sampling of 'correct' stuff could just be done by randomly asking.

Siri: "do you have another message to send? "
user: " no"
Siri: " would you mind sending the last interaction anonymously to improve my abilities?"
user: " OK'.
Siri: "thanks"

The more folks volunteer, the less need to 'volunteer' folks indiscriminately.
(Can also pay random folks to be 'actors' to read scripts. If it is 'fake', then it isn't particularly private, but that will mostly work better for baseline correct stuff.)Fixing Inadvertent activations would still be a problem. It would be incrementally better to layer a "robo" censor(s) on top (to filter out context like "sex" , medical , etc.). The 'wrong' random samples, too, can be tagged and run through a classifier with no person listening. It won't be perfect but can get the number of problematic samples down to a much smaller volume. The catch-22 is that you would need a 'toxic' pool of privacy data to test/build the classifiers with, so you would need to air-gap and SCIF [Sensitive Compartmented Information Facility] that process (which would be expensive). Could do this with highly vetted people, too (no metadata access to the anonymous sample), in an SCIF-like facility, who just evaluate the suitability for QA (again more expensive than what folks are commonly doing now).
 


I wonder how important human monitoring is to quality control for Siri, and similar speech-based systems. Human monitoring of actual speech samples is one way to check that Siri is interpreting speech correctly, and because context is important to understanding speech, the people would need to listen to significant parts of the conversation, with an obvious impact on privacy. What alternatives exist and how good are they?
There is no alternative. Machine learning won't work unless you provide feedback as to what it got wrong. Some things have to be marked as 'correct' and others as 'wrong'. How it figures out how to classify into each 'bucket' is the learning part that is automated.
The more folks volunteer, the less need to 'volunteer' folks indiscriminately.
Apple states,
Before we suspended grading, our process involved reviewing a small sample of audio from Siri requests — less than 0.2% — and their computer-generated transcripts to measure how well Siri was responding and to improve its reliability.

It seems likely Apple could obtain opt-in by 0.5% or more users among the "Privacy, what's privacy? / Brave new world" millennials and "I'm not breaking laws / Don't have anything to hide" folks, to replace the previous randomly selected users.

If I am reading their statements correctly, they will continue to collect machine transcriptions of Siri interactions from any (all?) users regardless of opt-in or out status.

Apple states,
Siri uses a random identifier — a long string of letters and numbers associated with a single device — to keep track of data while it’s being processed, rather than tying it to your identity through your Apple ID or phone number — a process that we believe is unique among the digital assistants in use today. For further protection, after six months, the device’s data is disassociated from the random identifier.

What is random (aside from the characters used) about an identifier tied to a device which is tied to an Apple ID which is tied to an individual person? If the transcription data is truly disassociated from the user, Apple is not explaining that clearly.
 


I’ve finally gotten to the far side of the most difficult hardware upgrade and program/data transfer, from old machine to new, that I’ve ever dealt with in 40 years of computing....
A related question... Is it possible to reformat the system drive and connected Time Machine drive to a blank state remotely or via malware, thereby leaving the machine un-bootable?

I am under the impression that can only be accomplished by a local user when booting into recovery mode or from an external drive.
 


Ric Ford

MacInTouch
Hmmm... not a great sign?
Dan Goodin/Ars Technica said:
A glut of iOS 0-days pushes their price below cost of those for Android
For the first time ever, the security exploit broker Zerodium is paying a higher price for zero-day attacks that target Android than it pays for comparable attacks targeting iOS.

An updated price list published Tuesday shows Zerodium will now pay $2.5 million apiece for “full chain (Zero-Click) with persistence” Android zero-days compared with $2 million for iOS zero-days that meet the same criteria. The previous program overview offered $2 million for unpublished iOS exploits but made no reference at all to the exploits for Android. Zerodium founder and CEO Chaouki Bekrar told Ars the broker paid on a “case by case basis depending on the chain” for Android exploits.

Bekrar told Ars the move was prompted by a glut of working iOS exploit chains that has coincided with the growing difficulty of finding comparable exploits for versions 8 and 9 of Android.
 


Ric Ford

MacInTouch
Some interesting changes as macOS Catalina looms...
Eclectic Light Co. said:
Notarization devalued?
For fifteen months, since its unveiling at WWDC in June 2018, Apple has been preaching the virtues of the improved security to come with notarization. Then in one short announcement to developers last week, it abandoned much of this grand plan until January next year, over a quarter of the way through Catalina’s release cycle.

... In one announcement, Apple blew away previous claims as to the importance of satisfying the requirements which had been giving so many developers so much trouble over the last year or more. And those requirements aren’t going to be re-imposed on new notarizations until January of next year. I’m sure that the many developers who have struggled to ensure that the entire contents of their app bundle have been correctly signed using their developer ID and have been hardened are delighted to know that, had they waited until the last minute, they wouldn’t have needed to bother.

Short of abandoning the requirement for notarization altogether, at the last minute Apple has signalled that its only real value is in its own malware checks. Maybe all the rest, the advantages of the hardened runtime, of deep code signing, were nothing more than security theatre as some have claimed?
 


Eclectic Light Co. said:
Notarization devalued?
For fifteen months, since its unveiling at WWDC in June 2018, Apple has been preaching the virtues of the improved security to come with notarization. Then in one short announcement to developers last week, it abandoned much of this grand plan until January next year, over a quarter of the way through Catalina’s release cycle. [...]

Short of abandoning the requirement for notarization altogether, at the last minute Apple has signalled that its only real value is in its own malware checks. Maybe all the rest, the advantages of the hardened runtime, of deep code signing, were nothing more than security theatre as some have claimed?
Hmm, that does seem a little harsh. As much as the various notarization issues Howard's been writing about are a mess, there's no real question that the hardened runtime adds robustness against several common security issues to programs that use it. And all Apple really did was delay the need to meet a bunch of potentially tricky, somewhat badly documented new requirements for four months. It's hard for me to see that as a "signal" of anything, as opposed to a pragmatic reaction to discovering lots of rough edges during the beta period...
 


Ric Ford

MacInTouch
Watch out for this big trap with T2-based Macs...
Eclectic Light Co. said:
Don’t try reverting a T2 to older firmware
There’s been a recent spate of T2-equipped Macs which have suddenly become bricked and unusable. One cause for this has come to light: trying to downgrade the firmware in that Mac, for example when trying to restore Mojave on a Mac which has been running Catalina beta, according to recent tweeted reports by @tperfitt and @eholtam.
#T2 #BridgeOS #firmware
 


Watch out for this big trap with T2-based Macs...
So is this an unintended consequence or just another step toward Apple's attempt to lock down the entire platform? Apple can do whatever they desire with your computer once they own it with the T2 chip. Apple's claims that the T2 chip is for your benefit are [misleading]. I will never buy a T2 chip-equipped Mac.
 


So is this an unintended consequence or just another step toward Apple's attempt to lock down the entire platform?
If they actually wanted to prohibit downgrades, then they would have removed the feature from the recovery partition. They wouldn't give you the feature and then rig it so it bricks the hardware - that would just create massive support costs that no company wants to incur.

This is a nasty bug. It's not the first catastrophic bug to come from Apple, and it won't be the last. Hopefully they will fix this before Catalina is released - one might argue that beta testers should be prepared for disaster (which is why people are always warned to never use beta code in a production environment), but a bug like this will become an instant (and well deserved) PR nightmare if it persists into the commercial release.
 


So is this an unintended consequence or just another step toward Apple's attempt to lock down the entire platform?
I feel certain it was unintended and primarily an issue for those who decided to participate in macOS beta testing, changed their minds and attempted to back out. I suspect Apple can come up with a procedure to allow this, eventually.
I will never buy a T2 chip-equipped Mac.
That could mean that you won't ever buy another new Mac, going forward.
 



I have not read all the previous posts but wonder, if one had disabled all security preferences in macOS Recovery mode on T2 machines, if downgrading without problems would work.
 



They claim it is to improve the privacy of my data. How is this misleading, short of conspiracy theories? I hope I never have to buy another Mac without a T2!
Yes, you get improved security, but you also get so much more, like the inability to recover your data when the chip fails or anything in the storage chain decides to not work as advertised.

Then there are the things that TPM gives you freely... like removing your freedom of choice, blocking your access to websites, all the DRM stuff. Are these things being done right now? No, but they can be implemented when you have a TPM chip in your computer.

People forget this was considered an outrage when it was suggested by Intel a number of years ago. Do a Google search and you'll find (hidden among the more modern shill sites for the technology) the reasons why you should be more afraid of this "feature" than welcoming. You buy into a small part of it, and the rest comes in the back door.

Here's an example of such behavior: Remember DVDs? The public reason was to provide great quality video and audio; the real reason was to obfuscate the video and audio in a DRM'd mess of MPEG-2. Everything Big Tech wants to provide has, at its core raison d'etre, the desire to lock you up in a "secure" exclusive ecosystem [e.g. the iPhone].

The T2 chip isn't even necessary to provide security. What about FileVault isn't good enough? Are you referring to runtime security? Isn't that what macOS is supposed to do?

Be careful what you wish for, as you just might get it.
 


Ric Ford

MacInTouch
Apple has posted an update to its invisible MRT [Malware Removal Tool] anti-malware system, updating it to version 1.49.

Here's a bit more about MRT:
Krypted (Charles S. Edge) said:
Using Apple’s Built-In Malware Removal Tool (MRT)
macOS now comes with a vulnerability scanner called mrt. It’s installed within the MRT.app bundle in /System/Library/CoreServices/MRT.app/Contents/MacOS/ and while it doesn’t currently have a lot that it can do – it does protect against the various bad stuff that is actually available for the Mac.
 


Ric Ford

MacInTouch
Another lockscreen vulnerability in iOS just popped up:
The Verge said:
iOS 13 exploit bypasses the lockscreen for access to contacts
Apple is planning to release iOS 13 next week, but one security researcher has already discovered a lockscreen bypass. The exploit allows you to bypass the lockscreen and gain access to all contact information on an iPhone. Jose Rodriguez discovered the exploit and revealed to The Verge that he reported it to Apple on July 17th, but it’s still working in the Gold Master (GM) version of iOS 13 that will be released on September 19th.
 



The majority of personal computers get by just fine without a T2. Apple could have made a T2 type device for other Mac-centric purposes and left the SSD out of the equation. Standard M.2 NVMe SSDs would have been just fine.
Agreed. The coupling of T2 <-> SSD means:
  1. You need a backup of the data for recovery, in the case anything fails.
  2. That backup will not be protected by the T2 chip, therefore making this coupling moot in the end.
 


Agreed. The coupling of T2 <-> SSD means:
  1. You need a backup of the data for recovery, in the case anything fails.
  2. That backup will not be protected by the T2 chip, therefore making this coupling moot in the end.
I think the counterargument is: If I steal your laptop while you're sitting at a Starbucks, the T2 will completely prevent me from getting your data off the SSD, which I could perhaps otherwise do. Whereas, your backup devices are in a locked room, or at minimum not at the Starbucks with you, and therefore much harder to steal.

There are tradeoffs all over the place here, and different people will land on different sides of some of them. For me personally, as someone who fiddles with the hardware and software insides of computers a lot, it's a tough call. But I'm not sure that's nearly as true for the great majority of people who think of their computer as a sealed-up black-box appliance.
 


Amazon disclaimer:
As an Amazon Associate I earn from qualifying purchases.

Latest posts