


Question: Are there any security features out of the box in a 2017 MacBook Pro that ensure boot and firmware integrity?

From Apple's "UEFI firmware security in an Intel-based Mac":

"For an Intel-based Mac without the Apple T2 Security Chip, the root of trust for the UEFI firmware is the chip where the firmware is stored. UEFI firmware updates are digitally signed by Apple and verified by the firmware before updating the storage. To help prevent rollback attacks, updates must always have a version newer than the existing one."

This is a feature native to UEFI and, although optional, Apple has been using it since switching to an EFI framework back in 2006. Additionally, firmware must be newer than the one being replaced (it can't be downgraded).

It's important to note that this is not foolproof. While there are security measures in place, someone with "hands on" access could still potentially modify the firmware in the pre-boot area of UEFI (this is why the T2 chip was invented). Likewise, if vulnerabilities are found in the early boot process of the UEFI firmware (before it write-restricts the storage chip), this could also lead to persistent infection of the UEFI firmware.

It's not impossible, but it's impractical. It's just that doing this is "cost" prohibitive, meaning not only would you need physical access, you'd have to have a number of factors in your favor (a non-encrypted disk, or being able to install a firmware image that didn't predate the existing one and have its digital signature spoofed, for example) to get this malware on board.
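The two checks the answer describes (the update image must carry a valid vendor signature, and its version must be strictly newer than what is installed) can be shown as a small update acceptor. The code below is an added example written for this page; it is not Apple's firmware code and does not reproduce Apple's real image format or signing scheme. The header layout (4-byte big-endian version, 64-byte Ed25519 signature over version||payload, then the payload), the Ed25519 key pair, the `Flash` type and the `ApplyUpdate`/`BuildImage`/`Demo` names are all assumptions made for the example, and the firmware payloads are constructed strings.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Assumed (not Apple's) update image layout:
//   bytes 0..3    version, big-endian uint32
//   bytes 4..67   Ed25519 signature over version||payload
//   bytes 68..    firmware payload
const (
	versionLen = 4
	headerLen  = versionLen + ed25519.SignatureSize
)

var (
	ErrBadSignature = errors.New("signature does not verify under the vendor key")
	ErrRollback     = errors.New("update version is not newer than the installed firmware")
	ErrMalformed    = errors.New("image too short to contain a header")
)

// Flash models the storage chip holding the currently installed firmware.
type Flash struct {
	Version uint32
	Image   []byte
}

// BuildImage is the vendor-side step: sign version||payload and emit the image.
func BuildImage(priv ed25519.PrivateKey, version uint32, payload []byte) []byte {
	signed := make([]byte, versionLen+len(payload))
	binary.BigEndian.PutUint32(signed, version)
	copy(signed[versionLen:], payload)
	sig := ed25519.Sign(priv, signed)

	img := make([]byte, 0, headerLen+len(payload))
	img = append(img, signed[:versionLen]...)
	img = append(img, sig...)
	img = append(img, payload...)
	return img
}

// ApplyUpdate is the check performed before the chip is written:
//  1. the signature must verify under the vendor public key (checked first,
//     so an unsigned image never influences any later decision), and
//  2. the version must be strictly greater than the installed one (anti-rollback).
// Only when both pass is the storage replaced.
func (f *Flash) ApplyUpdate(pub ed25519.PublicKey, img []byte) error {
	if len(img) < headerLen {
		return ErrMalformed
	}
	version := binary.BigEndian.Uint32(img[:versionLen])
	sig := img[versionLen:headerLen]
	payload := img[headerLen:]

	// Reassemble exactly what the vendor signed: version||payload.
	signed := append([]byte{}, img[:versionLen]...)
	signed = append(signed, payload...)
	if !ed25519.Verify(pub, signed, sig) {
		return ErrBadSignature
	}
	if version <= f.Version {
		return ErrRollback
	}
	f.Version = version
	f.Image = append([]byte(nil), payload...)
	return nil
}

// Demo runs three cases against a chip holding constructed "v1" firmware:
// a genuine v2 update, a correctly signed but older v1 image (rollback attempt),
// and a v2 image whose version field was bumped to 3 without re-signing (tampering).
func Demo() (first, downgrade, tampered error, installed uint32) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	flash := &Flash{Version: 1, Image: []byte("constructed firmware v1")}

	v2 := BuildImage(priv, 2, []byte("constructed firmware v2"))
	first = flash.ApplyUpdate(pub, v2)

	v1 := BuildImage(priv, 1, []byte("constructed firmware v1"))
	downgrade = flash.ApplyUpdate(pub, v1)

	v3 := append([]byte(nil), v2...)
	binary.BigEndian.PutUint32(v3, 3) // forge a newer version, signature no longer matches
	tampered = flash.ApplyUpdate(pub, v3)

	return first, downgrade, tampered, flash.Version
}

func main() {
	first, downgrade, tampered, v := Demo()
	fmt.Println("v2 update:", first)
	fmt.Println("v1 rollback:", downgrade)
	fmt.Println("tampered v3:", tampered)
	fmt.Println("installed version:", v)
}
```

The version is bound into the signed bytes, which is the point of the tampering case: without the vendor's private key an attacker cannot relabel an old, signed image as a newer one, so the "must be newer" rule cannot be satisfied by editing a header field. Note that none of this helps if the early boot code that performs the check is itself modified by someone with hands-on access to the chip, which is the limitation the answer describes.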
