One of the newer hardware features that Apple has been introducing to its products is the T2 security chip. For those who are unfamiliar, the T2 chip was introduced to Apple’s Mac computers not too long ago. It is basically a secure enclave co-processor that helps to secure sensitive information like Touch ID data, encrypted storage, and more.
Basically, it is meant to provide Mac users with a more secure experience. However, somewhat ironically enough, is that security research Niels Hofmans has found what seems to be an unpatchable security vulnerability in the T2 chip. Assuming that this vulnerability does exist and is exploited, it could allow hackers to hijack the boot process and gain access to your computer’s hardware.
The hacker would also have full root access and kernel execution privileges, which means that they will also be able to install things like a keylogger and steal sensitive data like your login credentials, credit card information, and more. The bad news is that because it is stored in the T2’s ROM, it prevents Apple from patching it.
The good news is that because of this, it also means that hackers would not be able to remotely target the computer. It appears that the only way a hacker would be able to pull this attack off is by using something like a malicious USB cable or insert, which means that they would need physical access to your computer.
It is unclear what Apple can do about it now, but Hofmans says he has reached out to Apple to warn them about it, so until a fix can be found (if at all), it’s probably best to avoid attaching USB cables or dongles that you’re unfamiliar with for now.