[tumult]

OK. But what about the Intel Macs they sold to millions of people, with the claim that they had hardware security that instead turned out to be a liability? Why should anyone believe the M1 Macs won't end up the same way? That seems pretty relevant to me. Do they take this seriously, or are they just posturing?

[judge2020]

Consumer protection doesn't apply to broad statements like "secure". Just because a kwikset advertises "For use on exterior doors where keyed entry and security is needed" doesn't mean you're entitled to a refund if someone picks it, even if kwiksets are usually seen as low-security locks.

https://www.kwikset.com/products/detail/780-deadbolt-keyed-o...

[tumult]

Yes, that's why I'm saying the people need to pay attention to the track record of the organization and their past credibility.

[judge2020]

> Refunds? Replacements? Anything? Bueller?

[tumult]

Their track record includes their responses to issues like these. If they ignore it, that's worse than trying to rectify it or address or mitigate its severity.

[imwillofficial]

“Why should anyone believe..” Vulnerabilities are found constantly, that’s a feature not a bug. Apple has earned a decent amount of respect in this area. They have also earned a healthy verification of whatever security claims where are due to some pretty high profile bugs.

[tumult]

If you're talking about the iPhone, yes. But they lost a bunch with their desktop computers with this unaddressed, apparently very real problem. Unless there is some news and it turned out to be a hoax? But it seems real.

[my123]

It does not reduce the security level to at or below the one of any regular PC.

The bootrom bug requires DFU and physical access to be triggered, which is already game over on most systems. Apple also doesn’t solely rely on measured boot for the encryption keys (unlike default BitLocker configuration with TPM).

[tumult]

It was specifically a selling point of these computers. One of the headlining features. (As I said in my earlier comment, "with the claim that they had hardware security")