Skip to main content
  1. Home
  2. Computing
  3. Features

The MacBook Pro’s tight security comes with an annoying compromise

By
Image used with permission by copyright holder

(in)Secure is a weekly column that dives into the rapidly escalating topic of cybersecurity.

The launch of the 2018 MacBook Pro has been rife with controversy, with issues ranging from the performance to the keyboard. While we’re at it, let’s throw one more log on the fire, shall we?

The new MacBook Pros come with what Apple calls the T2 coprocessor — a chip first featured in the iMac Pro. Although its main reason for inclusion is Siri voice activation, it also has important implications on security and storage. Better security is great, but unfortunately, the T2 coprocessor isn’t without problem.

Related

The return of the T2

The T2 coprocessor brings all sorts of security features to the MacBook Pros. In its press release, Apple says it has “support for secure boot” and “on-the-fly encrypted storage,” two features that first came when the T2 showed up in last year’s iMac Pro. These security features might not sound like a big deal, but they’ll have a much larger effect on users than activating Siri with your voice.

As soon as the Apple logo appears, the T2 is in control, and acts as Apple’s “root of trust.”

Apple’s never been all that forthcoming about the exact processes these chips control, but there are a few things we know the T2 does handle. That includes Boot-up, storage, and the Touch Bar/Touch ID. Not only are these processes the Intel CPU and third-party controllers no longer must handle, it keeps them protected in Apple’s closed system of stopgaps.

A great example is the boot-up process, which is now partially handled by the T2. As detailed in initial reports about the coprocessor in the iMac Pro, the T2 verifies everything about the system before it’s allowed to move forward. As soon as the Apple logo appears, the T2 is in control, and acts as Apple’s “root of trust” to ensure that everything checks out.

Encrypted storage is equally important. Because the functions of the conventional disk controller have been replaced by the T2, the coprocessor now has direct control over the storage in your MacBook Pro.

Apple T2 iMac Chip
Apple’s T2 coprocessor Image used with permission by copyright holder

That kind of access allows Apple to ensure every piece of data in the SSD is automatically protected and encrypted. That lets Apple to do things like secure your biometric data outside of the SSD. Right now, that’s just the TouchID sensor, but in the future that could include something like FaceID.

However, some compromises were made to bring these new security features to the MacBook Pro.

The T2’s Achilles’ heel

While the MacBook Pro’s new storage is fast and safe, the technology has introduced a new problem as well.

Time Machine Window
Image used with permission by copyright holder

In older models of the MacBook Pro, technicians had access to a data access recovery port on the logic board. Thanks to a special tool Apple developed, this port enabled the data of your SSD to be saved — even on a failed logic board. Because memory has been soldered on to the board of MacBooks since 2016, this was the only way to save the data if something went awry on your computer. It was as simple as bringing your dead laptop to a local Apple Store.

But now, thanks to a breakdown by iFixit, we know that data access recovery port is missing on new MacBook Pros. Apple may have another backup plan for recovering data, but none that it has shared so far.

Apple made it much harder to save your data from the system.

What does this have to do with security? Well, according to sources in contact with MacRumors, this data recovery port was “likely removed because 2018 MacBook Pro models feature Apple’s custom T2 chip, which provides hardware encryption for the SSD storage.”

In other words, to add this extra dose of security with its new processor, Apple’s made it much harder to save your data from the system. That’s great for security, but not great if your MacBook fails.

And, according to internal documents obtained by MacRumors, Apple technicians are advised to encourage users to back up their systems using Time Machine. So, while you can try to stay backed up or possibly send your whole system to a very expensive data recovery specialist, Apple’s ability to service its own products has dwindled. The reliability and service that set Apple’s products apart shrinks by the day.

As with many issues regarding Mac these days, it’s one step forward, two steps back.

Editors’ Recommendations

Topics
Luke Larsen
Luke Larsen
Senior Editor, Computing
Luke Larsen is the Senior Editor of Computing, managing all content covering laptops, monitors, PC hardware, Macs, and more.
Massive M4 MacBook Pro leaks have been ‘confirmed’ to be true
Russian YouTuber Romancev768 with what is claimed to be a real M4 MacBook Pro unit.

Over the last few weeks, we’ve seen a spate of leaks showing off what are alleged to be the upcoming M4 MacBook Pro. From photos of retail boxes to full-blown unboxing videos, the internet has been awash with the next MacBook Pro, despite the fact that Apple hasn’t even announced it yet.

Despite the constant media attention, there have been consistent doubts about the leaks -- for some, they just had a few too many question marks to be trusted. Yet Bloomberg reporter Mark Gurman has just dropped a bombshell by throwing his weight behind the leaks, writing in his latest Power On newsletter: “I can confirm that these are indeed Apple’s upcoming M4 MacBook Pros.” Gurman is one of the most accurate and consistent Apple leakers in the business and claims to have sources deep inside the company. So, when he says something is genuine, there’s a good chance he’s right.

Read more
These M4 MacBook Pro leaks are a goldmine of secret info
Russian YouTuber Romancev768 with what is claimed to be a real M4 MacBook Pro unit.

Apple's known for locking down its secrets under lock and key. But not these past few weeks.

The company hasn’t even announced the M4 MacBook Pro, yet we’ve apparently learned pretty much everything there is to know about the upcoming laptop thanks to a series of purported high-profile leaks and unboxing videos that have shown off the device from every angle. For a firm as security conscious as Apple, having the MacBook Pro spoiled in this way is close to catastrophic.

Read more
These M4 MacBook Pro leaks are getting insane, and I don’t know what to believe anymore
An open MacBook Pro on a table.

Apple has yet to announce an October Mac event, but leaks for the M4 MacBook Pro continue to circulate. A new tweet from Apple leaker ShrimpApplePro and a new Russian unboxing video have been spotted by Tom's Hardware, giving this possibly true and definitely unprecedented Apple leak more steam. The tweet claims a seller on a private Facebook group has 200 units of the M4 MacBook Pro for sale, adding: "This is probably the biggest warehouse leakage I've ever seen."

https://x.com/VNchocoTaco/status/1843133165302591861?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1843133165302591861%7Ctwgr%5E3d007d4bc86ddf38301ce5446103d04c8e8215f5%7Ctwcon%5Es1_&ref_url=https%3A%2F%2Fwww.tomshardware.com%2Flaptops%2Fapple-macbook-pro-m4-leakage-gets-serious-with-200-units-reportedly-up-for-sale-on-social-media

Read more