Apple announced the upcoming MacOS Ventura during the recent WWDC 2022. It brings a lot of enjoyable features — but one of the things that went a little under the radar is the fact that Apple improved the security of USB-C and Thunderbolt connections.
On Macs that run on Apple silicon and will have MacOS Ventura installed, USB-C and Thunderbolt accessories will require user permission before they can communicate with the device.
This change was announced without much fanfare in the beta release notes for MacOS 13 Ventura. Apple calls the new feature “accessory security,” and the name seems accurate, given that it will prevent unwanted accessories from gaining access to the Mac without explicit user permission. The change will apply — so far — only to portable Macs with Apple silicon.
Starting with the release of MacOS Ventura, when you plug in a USB or Thunderbolt accessory, you will first have to give it permission to allow it to communicate. There are a few exceptions: Power adapters, stand-alone displays, and previously approved connections will not require further confirmation before functioning as intended. How exactly is this feature going to work?
Although the devices will still charge even if not given permission, data transfer and similar uses will be forbidden until the user accepts them. Once a device is approved as safe, it can connect to a locked Mac for a maximum of three days before it needs to be approved again. Apple intends to make this the new default — the initial security configuration is always going to be, “Ask for new accessories.”
If you happen to attach an accessory during or prior to the update to MacOS Ventura, it will continue to work without any changes even as you update your system. However, the accessories will not be remembered until you connect them to an unlocked, updated Mac and give them full permission.
While this may seem like a small change, it’s definitely a step toward increased security for Mac users. It certainly feels like a bit of a throwback to GrayKey, a device sold to law enforcement agencies for the purpose of unlocking iPhones. The device, while outrageously expensive, was capable of unlocking almost any iPhone — until Apple started throwing various updates at it in order to protect its users.
GrayKey, when connected to a locked iPhone for about two minutes, did its magic and then was disconnected. A couple of hours later, the phone would display the passcode on a black screen alongside additional information. Sometimes, the extraction took much longer — Malwarebytes said it could be up to three days. For law enforcement, such a device was undoubtedly very handy, but it also left a lot of potential for misuse if it landed in the wrong hands. Apple’s new MacOS Ventura update further prevents such a situation.
MacOS Ventura is set to release in the fall and will be available in its beta version in July. Aside from accessory security, the new update will bring a number of fun features, such as Stage Manager, Continuity Camera, and an update to the Mail app.
