by josteink 2759 days ago
> We believe the T2 platform is a leap forward in platform security in the Apple ecosystem, and it begins to bring exciting security properties like Secure Boot capabilities to the mass market.

So the vast PC-market with UEFI secure boot which predates this by 6 years was somehow not the “mass market”, but the relatively tiny MacBook market is?

With factual errors like this present already in the introduction, it’s hard to take anything which follows it seriously.

This just comes off like fanboy-fluff.

2 comments

You are missing the bigger picture in your attempt to immediately discard the original article's premise because you feel like it comes off as fanboy-fluff.

No other device on the market currently provides a secondary processor that runs full validation of the UEFI firmware before allowing the processor to start booting.

It's not just secure boot, which has been around for a while, it's everything around it.

On almost all other devices you could write new data to a flash chip and that now becomes the UEFI boot loader that is used (and can bypass secure boot). There is no verification of the UEFI bootloader that is possible because it's sitting in NVRAM or Flash... and you can't trust it to self-verify because it may have been tampered with.

> On almost all other devices you could write new data to a flash chip and that now becomes the UEFI boot loader that is used (and can bypass secure boot).

Let me see if I understand you completely.

What you're saying is that if an attacker is willing to physically dismantle the machine, he can then, using SPI-flasher HW, replace the UEFI firmware on the machine with a custom UEFI firmware which does not enforce secure-boot...

And thus the machine's security is compromised?

If so, let me just state my opinion: If that's the kind of attacker you are trying to protect against, no amount of security measures is going to keep you fully secure.

And if we're going down that lane: what prevents an attacker this sophisticated from doing the same with the T2-chip's firmware?

What Apple offers with the T2 chip, for most people, has almost zero value, while providing lots of drawbacks over traditional UEFI Secure Boot.

This is all about Apple extending their platform lock-in to no longer only apply to mobile and tablet-space, but also to their traditional computer-line of products.

There's nothing noble being done here. It's just a plain-in-sight money-grab.

> What you're saying that if an attacker is willing to physically dismantle the machine, he can then, using SPI-flasher HW, replace the UEFI firmware on the machine with a custom UEFI firmware which does not enforce secure-boot...

Yeah, that's kind of the classic evil maid attack, and it is not unheard of for various spy agencies to dismantle devices to gain access or install bugs.

> If that's the kind of attacker you are trying to protect against

That is exactly what the T2 chip is designed to protect against, and more.

The T2 chip also runs all of the encryption/decryption for the integrated storage, this way all data on the flash is encrypted at all times.

I can imagine that the T2 chip over time will be able to do much more to help provide extra verification and security to the device and help keep users safe.

> And if we're going down that lane: what prevents an attacker this sophisticated from doing the same with the T2-chip's firmware?

Because the firmware on the T2 chip is signed, and the way the chip is designed, the only way to get firmware on it is to decap it, because it is stored internal to the chip itself.

With your stock standard x86 motherboard that is not the case because the firmware is loaded from an unencrypted and unverified flash chip.

> What Apple offers with the T2 chip, for most people, has almost zero value

We'll have to agree to disagree, because the T2 chip also does full line-rate encryption/decryption of the storage with no OS involvement at all. This means if your laptop falls in the wrong hands, now people can't get at the data even by reading directly from the flash chips.

----

You are the one that claimed that the article was fanboy-fluff, I just described a feature that no other machine has... and you immediately consider it a money-grab rather than something to laud Apple for. Yet SecureBoot is good enough? Why not keep improving upon the status quo? Why not make it easier for people to keep their data private and secure?

It's all about defense in depth, and Apple added one more depth to their platform.

> Because the firmware on the T2 chip is signed

So is pretty much all UEFI firmware too though. It may not be encrypted, but it is certainly verified. Feel free to ask the Coreboot people about details here.

> We'll have to agree to disagree, because the T2 chip also does full line-rate encryption/decryption of the storage with no OS involvement at all.

But for people who have been using BitLocker or LUKS transparently (because it's built into the OS) for half a decade+, there are absolutely zero new things offered, and no visible improvements offered.

The only effective change is restrictions in end-user freedom.

> Yet SecureBoot is good enough? Why not keep improving upon the status quo? Why not make it easier for people to keep their data private and secure?

If a security feature which can easily be implemented (securely) in the OS is moved to firmware, I could be willing to consider that a good thing, but not if it comes at the cost of end-user freedom.

And here it certainly does.

> That is exactly what the T2 chip is designed to protect against

The point the OP was making is that if your threat has the technical ability to dismantle down to the circuit level and rebuild then you've got bigger problems. Such as corporal or legal jeopardy.

They could just beat you with a rubber hose until you log in. Or throw you in jail for five years for contempt of court.

The classic 'evil maid' attack is more like a script-kiddie threat compared to that, and Secure Boot was sufficient protection.

> No other device on the market currently provides a secondary processor that runs full validation of the UEFI firmware before allowing the processor to start booting.

HP laptops have a secondary processor (SureStart) for firmware integrity, http://h10032.www1.hp.com/ctg/Manual/c05163901

Serious question - how well does UEFI secure boot protect against an attacker with a high degree of physical access to the machine? Online docs focus mostly on the software/firmware security but less on the hardware side. Is hardware security specified, or left up to individual vendors?

> how well does UEFI secure boot protect against an attacker with a high degree of physical access to the machine?

Everything is relative.

When enabled, what Secure Boot ensures is that only boot media signed by a trusted key (which, unless user-replaced, is typically the vendor-provided key that trusts MS Windows and common Linux-distros) can be booted.

This guarantees that the base OS and kernel booted by the machine can be trusted to not be tampered with by untrusted parties. That is, the most important part of the OS is protected against malicious modifications and attacks by the firmware.

However if this is the only security-measure you have, there is nothing preventing a physical attacker from extracting the drive into another machine, and on this machine modify non-boot related OS-files to introduce a backdoor or trojan, and then put the drive back into the original machine.

You will then boot a trusted kernel, which later on may load malicious code. Secure boot alone does not protect against a scenario like this.

But if you use Secure Boot together with BitLocker, LUKS or other full-disk encryption solutions, you should be reasonably secure, even against physical attackers.

Basically Secure Boot is not a full security solution, but it is the base which you need for a fully trusted, tamper-proof computing environment. Without it, you wouldn't know if someone is logging your password or not when unlocking the encrypted drives.
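As an added illustration (not code from the thread or from any vendor's firmware), the toy model below walks a Secure Boot style chain of trust the way the reply above describes it: each signed stage is checked against a trusted key database before it is loaded, and the chain's guarantee ends at the first stage that is loaded without any check. HMAC-SHA256 under a shared key stands in for the asymmetric signatures real firmware uses; the key values, the `Stage`, `boot`, `build_chain` and `offline_modify` names, and the three-stage layout are all assumptions made for the example. The full-disk encryption mitigation mentioned above is not modeled.

```python
"""Toy model of a Secure Boot chain of trust and where its guarantee ends.

This is an added example, not code from the discussion or any vendor. HMAC-SHA256
under a constructed key stands in for the RSA/ECDSA signatures that real UEFI
firmware checks against its db/KEK/PK certificate stores.
"""
import hashlib
import hmac
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed keys for the example; a real db holds certificates, not shared secrets.
VENDOR_KEY = b"vendor-signing-key (constructed for the example)"
OTHER_KEY = b"untrusted-signing-key (constructed for the example)"


def sign(key: bytes, image: bytes) -> bytes:
    """HMAC-SHA256 stands in for an asymmetric signature over the stage image."""
    return hmac.new(key, image, hashlib.sha256).digest()


@dataclass
class Stage:
    name: str
    image: bytes
    sig: Optional[bytes]  # None models a stage the previous one loads without checking


def verify_stage(stage: Stage, trusted_keys: List[bytes]) -> bool:
    """A signed stage passes if its signature verifies under any key in the db."""
    if stage.sig is None:
        return False
    return any(hmac.compare_digest(sign(k, stage.image), stage.sig) for k in trusted_keys)


def boot(chain: List[Stage], trusted_keys: List[bytes]) -> Tuple[Optional[str], List[str]]:
    """Walk firmware -> bootloader -> kernel -> rootfs.

    Returns (blocked_at, unverified): blocked_at is the first signed stage whose
    signature fails, where a real firmware halts the boot; unverified lists the
    stages that were loaded with no check at all, which is exactly where Secure
    Boot's guarantee stops and another control (e.g. disk encryption) must take over.
    """
    unverified: List[str] = []
    for stage in chain:
        if stage.sig is None:
            unverified.append(stage.name)
            continue
        if not verify_stage(stage, trusted_keys):
            return stage.name, unverified
    return None, unverified


def build_chain(bootloader: bytes = b"bootloader-image",
                kernel: bytes = b"kernel-image",
                rootfs: bytes = b"rootfs-image",
                kernel_key: bytes = VENDOR_KEY) -> List[Stage]:
    """Constructed chain: signed bootloader, signed kernel, unsigned root filesystem."""
    return [
        Stage("bootloader", bootloader, sign(VENDOR_KEY, bootloader)),
        Stage("kernel", kernel, sign(kernel_key, kernel)),
        # Non-boot OS files (binaries, init scripts) are loaded by the kernel unchecked.
        Stage("rootfs", rootfs, None),
    ]


def offline_modify(chain: List[Stage], name: str, new_image: bytes) -> List[Stage]:
    """Model the drive-moved-to-another-machine scenario: one stage's bytes change
    while its stored signature (if any) stays as it was."""
    return [Stage(s.name, new_image, s.sig) if s.name == name else s for s in chain]


if __name__ == "__main__":
    db = [VENDOR_KEY]
    print("clean boot:", boot(build_chain(), db))
    print("patched bootloader:", boot(offline_modify(build_chain(), "bootloader", b"x"), db))
    print("kernel signed by untrusted key:", boot(build_chain(kernel_key=OTHER_KEY), db))
    print("modified rootfs:", boot(offline_modify(build_chain(), "rootfs", b"x"), db))
```

The last case is the one the reply above is warning about: every signed stage still verifies, the boot proceeds, and the modified root filesystem is simply loaded, which is why Secure Boot on its own is described as the base rather than the whole solution.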

> Basically Secure Boot is not a full security solution

Which is what the Apple T2 chip is... which is why it is being lauded as such.

It's being presented as something revolutionary and new, while that's clearly not the case.

And it provides Apple with the means to enforce platform lock-in, not only on its mobile line of offerings, but also on their regular laptops and machines, which traditionally have been 100% open computing owned by the end-users.

Which is why it is being widely criticized as unwanted, as a misfeature.