Compared to its rivals, Apple's software and hardware are usually known for being more secure and less prone to problems. In fact, most users view its ecosystem as practically risk-free from a consumer and business standpoint. Nevertheless, tech pundits know that like most devices, loopholes exist with hackers prepared to exploit these for various reasons. Shortly after a vulnerability was reported in August, security researchers confirmed that it can be used to break the protection of T2 chipsets.
A report from ZDNet claims the exploits being used were originally intended for jailbreaking iPhones. However, the most recent details reveal it can also do the same for MacBooks and Macs equipped with Apple's security chips. The information has been posted on Reddit as well as on Twitter wherein experts confirmed that it is possible. According to those who have tested it, hackers can potentially gain full access to the system.
This means core operating system functions can be modified. Even encrypted data can be collected or have malware planted for various uses. Cybersecurity researchers point out the combination of the checkm8 and Blackbird exploits can allow hackers to practically do whatever they want to a jailbroken system. Given that Apple markets its products with privacy and security in mind, this could potentially push potential buyers to reconsider for now.
"The mini operating system on the T2 (SepOS) suffers from a security vulnerability(sic) also found in the iPhone 7 since it contains a processor based on the iOS A10. Exploitation of this type of processor for the sake of installing homebrew software is very actively discussed in the /r/jailbreak subreddit," explains a post from Belgian security firm ironPeak.
"So using the checkm8 exploit originally made for iPhones, the checkra1n exploit was developed to build a semi-tethered exploit for the T2 security chip, exploiting a flaw. This could be used to e.g. circumvent activation lock, allowing stolen iPhones or macOS devices to be reset and sold on the black market," it added. As it stands right now, it is reportedly impossible to patch out given its hardware-based nature. Apple already announced that it will shift from Intel silicon to its own ARM-based processors in the future, which could remove this vulnerability.