T2 Mac Security Vulnerability Means Passwords Can Now Be Cracked
- Exclusive
- Mac
- Security
- T2
A company selling password-cracking tools says that a newly-discovered T2 Mac security vulnerability allows it to crack passwords on these machines, bypassing the lockouts.
The method used is far slower than conventional password-cracking tools, but although the total time needed could run into thousands of years, that could fall to as little as 10 hours when the Mac owner has used a more typical password…
Background: The T2 chip
Apple introduced the T2 security chip in 2018, and it was used to provide a secure boot-up feature to Intel Macs from that year on.
The key to T2 security is that the chip contains both an SSD controller and a crypto engine, allowing it to instantly decrypt and encrypt data on the fly. This is similar to FileVault, but even more secure as only the T2 chip can do the decryption – and security features on the chip prevent an attacker from modifying macOS to gain access. Here’s how Apple describes the protection:
At the time that software is downloaded and prepared to install, it is personalised with a signature that includes the Exclusive Chip Identification (ECID) — a unique ID specific to the T2 chip in this case — as part of the signing request. The signature given back by the signing server is then unique and usable only by that particular T2 chip. The UEFI firmware is designed to ensure that when the Full Security policy is in effect, a given signature isn’t just signed by Apple but is signed for this specific Mac, essentially tying that version of macOS to that Mac. This helps prevent rollback attacks.
T2 Mac security vulnerability
Passware was already able to crack passwords and decrypt FileVault-protected drives on older Macs without the T2 chip. This uses GPU acceleration to achieve brute-force attacks of literally tens of thousands of passwords per second, making it a trivial task to break into these Macs.
Until recently, however, it wasn’t practical to mount brute-force attacks on Macs with a T2 chip. This is because the Mac password is not stored on the SSD, and the chip limits the number of password attempts that can be made, so you’d instead have to brute-force the decryption key, and that is so long it would take millions of years.
However, 9to5Mac has learned that Passware is now offering an add-on module that can defeat Macs with the T2 chip, apparently by bypassing the features designed to prevent multiple guesses. Having defeated this protection, users can then apply the dictionary of their choice. Passware provides a dictionary of the 550,000 most commonly-used passwords (created from various data breaches), along with a larger one of 10 billion passwords.
The process is still slower than usual, at a relatively sedate 15-ish passwords per second. In theory, this could still take thousands of years, but most people use relatively short passwords which are vulnerable to dictionary attacks. The average password length is just six characters, which can be cracked in around 10 hours.
Passware says that the add-on module is only available to government customers, as well as private companies who can supply a valid justification for its use.
What does this mean for Mac owners?
Passware requires physical access to your Mac, so is not a major concern for most of us.
If you have an older Intel Mac without a T2 chip, nothing has changed. Likewise if you own an M1 Mac. Affected machines are these:
- iMac (Retina 5K, 27-inch, 2020)
- iMac Pro
- Mac Pro (2019)
- Mac Pro (Rack, 2019)
- Mac mini (2018)
- MacBook Air (Retina, 13-inch, 2020)
- MacBook Air (Retina, 13-inch, 2019)
- MacBook Air (Retina, 13-inch, 2018)
- MacBook Pro (13-inch, 2020, Two Thunderbolt 3 ports)
- MacBook Pro (13-inch, 2020, Four Thunderbolt 3 ports)
- MacBook Pro (16-inch, 2019)
- MacBook Pro (13-inch, 2019, Two Thunderbolt 3 ports)
- MacBook Pro (15-inch, 2019)
- MacBook Pro (13-inch, 2019, Four Thunderbolt 3 ports)
- MacBook Pro (15-inch, 2018)
- MacBook Pro (13-inch, 2018, Four Thunderbolt 3 ports)
The main advice is, however, the same for everyone:
- Use long passwords – the longer, the better
- Don’t use words found in a dictionary
- Include special characters like !@$%^&*()-+=[]{}
- Only ever download apps from trusted sources
- Follow standard cybersecurity precautions
We’ve reached out to Apple for comment and will update with any response.
Photo: iFixit
Add 9to5Mac to your Google News feed.FTC: We use income earning auto affiliate links. More.
You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channelFeatured
from 9to5Mac 9to5Mac Logo
-
Best Apple Black Friday deals: Mac, AirPods, Apple Watch, iPad, more [Updated]
Justin Kahn Nov 28 2024 -
Rumor Replay: iOS 19, iPhone 17 Pro and Air upgrades, future AirPods Max
Ryan Christoffel Nov 28 2024 -
These 25+ indie apps are offering discounts for Black Friday
Michael Burkhardt Nov 27 2024 -
Apple’s Black Friday deals give you an up to $200 gift card
Chance Miller Nov 29 2024
Check out 9to5Mac on YouTube for more Apple news:
Comments
Expand Close commentsGuides
Mac
Apple’s Mac lineup consists of MacBook, MacBoo…
Security
T2Author
Ben Lovejoy benlovejoyBen Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!
Ben Lovejoy's favorite gear
Dell 49-inch curved monitor
Manage push notifications
All Post Update We would like to show you notifications for the latest news and updates. Allow Cancel You are subscribed to notifications Close We would like to show you notifications for the latest news and updates. Allow Cancel You are subscribed to notifications CloseTừ khóa » Chip T2
-
Mac Models With The Apple T2 Security Chip
-
Apple T2 - Wikipedia
-
Everything You Need To Know About The T2 Chip
-
Apple T2 Security Chip Overview: What Does It Do & Is It Helpful
-
Harika Hatır Eğri Mac T2 Sık Sık Mimik Dik
-
What Does Having A T2 Chip In Your Mac Mean To You?
-
Choc Chip Chai Loose Leaf Gift Cube - T2 Tea
-
Flaw In Mac T2 Chip Means Passwords Can Be Cracked - Macworld
-
New Mac T2 Chip Vulnerability Makes It Easier To Hack Your ...
-
How To Recover Lost Data From T2-secured MacBook Pro/Air?
-
What Does The T2 Chip Do In The Mac? - Quora
-
Additional Steps For Apple T2 Security Chip Macs - SoftRAID
-
Apple's New T2 Security Chip Will Prevent Hackers From ... - TechCrunch
-
[PDF] Apple FileVault 2 On T2 Systems Running MacOS Catalina 10.15 ...