Date: 2020-10-06

Newer Macs have a security chip called the T2, which provides an additional layer of security. However, a security hole has been discovered in this chip that Apple cannot patch.

The security researcher Niels Hofmans explains that the Checkm8 exploit, which is already used to jailbreak the iPhone and iPad with the Checkra1n tool, also works against the T2 chip. A hacker could hijack the startup process of SepOS, the operating system of the T2 chip, to gain access to the Mac. Normally the T2 chip exits with a fatal error if it is in DFU mode and detects a decryption call. But by using a different vulnerability developed by the Pangu team (which has produced iPhone jailbreaks in the past), Niels Hofmans claims that it is possible for a hacker to bypass this check and gain access to the T2 chip.

Once access is gained, the attacker has full root access and the ability to execute code at the kernel level. The attacker cannot directly decrypt files protected with FileVault 2 encryption. However, because the T2 chip manages access to the keyboard, the attacker could inject a keylogger and steal the password used for decryption.