Ehhh OSS != more secure
Good third-party pen testing, auditing, ect… would be more valuable than anything going OSS would net them
There is a certain bit of value in obfuscation of what exactly is going on with the whole T2 thing
1 Like
Well they will not hack the encryption really, the hack comes into the implementation.
1 Like
Do you think Apple uses 3rd party pen testing?
Sometimes, but best practice is never to rely on security through obfuscation.
It’s possible, but T2 has been around for 3 years and still no compromise so it might be a while…
In fact, it just occurred to me, is T2 on M1 boards, or did they implement the same functionality into M1 directly?
1 Like
I’d certainly hope so…
Well, yeah, that’s why you pen test and audit on top of that; OSS is basically just outsourcing that to the community, most of the time.
Would be kinda weird if they didn’t, but also saves on avoiding re-design, I guess.
1 Like
I wasn’t there, but I would bet Apple had third parties review this. It’s an industry standard.
Yep. Again, I wasn’t there but third party security reviews are industry standard, even in FAANG companies.
Pls stop. AES isn’t new, SHA256 isn’t new, ECDSA/EDDSA isn’t new (no they’re not using RSA), nobody is reinventing the wheel here. The implementation they used surely isn’t new and almost guaranteed went through independent third party review.
2 Likes
Well Im currently using an iphone and i certainly wish APTs and NSO Group didnt have the capability to mess with my gadgets.
But Pegasus exists despite the audited security features on my phone.
I know some people have loaded linux but no gpu accel atm the t2 is broken wide open with type c cable mod
Its only a matter of time but atm is basically useless
You can follow most of the latest progress here in these big picture blog posts: Blog - Asahi Linux
… Hector’s been streaming some of the work he’s been personally doing here: marcan - YouTube
My personal impression is it’ll be at least a couple of years - there just isn’t that many people with the development skills needed willing to spend time and money to work on this and things are going slowly. I’m sure most of it will work eventually.
2 Likes
From reading most of the replies and small search. It seems like it’s harder than ever to make it run hassle free.
In my opinion it’s not worth it.
I just wonder how apple will tackle the maC pro idea, because on that machine ppl swap boot drives and upgrade components etc…
I wonder how they will make it possible but keep it locked down as they do on mobile devices. Maybe they don’t have solution for it yet so they will still use X86 intel based cpu
2 Likes
They’re not going to do that. They would release a less capable Mac Pro before sticking with x86. They’re scheduled to update all Mac lines to M processors by sometime in 2022. They’ll want to stick to that so they can deprecate x86 in macOS as soon as possible, and so they can remove the x86 emulation acceleration from future M chips.
I wouldn’t be worried about M1 competing with x86 since the Macbook Pro already does compete with desktop class x86 to some extent. I can imagine simply adding desktop-class power delivery and thermal dissipation would make it even more competitive. The GPU is where it will be mixed. They’re clearly targeting content creation right now. While some use-cases will benefit from the new architecture, gaming will remain dominated by PC and I imagine some professional workloads will also.
There will definitely be some people who hold onto their 2019 Mac Pros for decades claiming it was the best Mac ever made, running ancient versions of macOS and arguing with their clients as to why they can’t open certain files or run newer applications.
3 Likes
Did they fixed the issue where you could just put the Mac on target mode and access the encrypted files from another Mac like nothing?
1 Like
I agree to disagree. Which means being adults and not personal.
So …
No there’s not.
IT’S MY HARDWARE!
I have the right to do with it what I want.
And IF I want it to be secure, or insecure, that’s my choice.
If I want to run a different OS, my choice.
External hard drive, thumb drive, SD card.
It’s MY hardware.
I get to chose.
If you can’t “secure” your hardware, that’s no reason to force me to by taking away my rights.
And THAT is one very big reason Apple, hasn’t and never will get any of my money.
No matter how good they or others say their products are.
They are not THAT good.
4 Likes
Hey, man, you do you. A lot of people on the forums are “principals trump all”; I mean, have you seen the number of Linux desktop OS users here, despite how inferior it is (joking, joking…or am I?)
Hardware level security is just where the industry is headed as a whole. It’s been part of the business/enterprise ecosystem for a long time now.
MSFT TPM anyone? 
It’s certainly a better approach than relying on end users and employees to be responsible, over all, most of the time.
All that said, it is pretty anti-consumer that a technical user can’t bypass/disable it if they need or want to for whatever reason.
I assume it’s part of Apples design philosophy that the end user can’t be trusted to not be dumb (no write permissions to / for instance), iOS lockdown, etc…
Which, to be fair, the way they market themselves kinda makes that a fair point. They’re NOT trying to sell to technical users that want to bypass those things.
Edit:
Personally, I just use different devices for different things.
I currently own a NAS which runs Synologies flavor of Linux, PC on windows, iPad, iPhone, Dell XPS 15, and will likely be buying a new MacBook Pro here in coming months
Apple products are just to for focused media consumption and work stuff. Linux is a tool to be deployed/used for personal stuff. And windows for actual “turn off the brain and relax in front of my monitors” type stuff
2 Likes
So people who want to have a say about, control something they actually own are stupid?
Okay.
Haven’t they?
Point for me.
The point was, people will still click on that phising link on the email and the hardware security modules can’t stop those.
Hardware security cant stop SolarWinds hacks because those are signed and the security module will allow that because its signed by the right organization.
@georgezilla relax on the holy fire of GNU. No one is telling you or even forcing you to use Apple products. Give it time. People may still yet put Linux on the M1 because of Asahi Linux. Lets just appreciate the people giving us the future option to use Linux on the M1.
1 Like
On the bright side, once they figure out how to get it working theoretically it should be easier to optimize than the gazillions of different AMD/Nvidia/Intel combos on the market.
1 Like
This topic was automatically closed 273 days after the last reply. New replies are no longer allowed.