Slashdot Mirror


Apple Confirms Its T2 Security Chip Blocks Some Third-Party Repairs of New Macs (theverge.com)

An anonymous reader shares a report from The Verge about Apple's new security-focused T2 chip found in the newest Mac computers. The introduction of the chip "has renewed concerns that Apple is trying to further lock down its devices from third-party repair services," The Verge reports. From the report: The T2 is "a guillotine that [Apple is] holding over" product owners, iFixit CEO Kyle Wiens told The Verge over email. That's because it's the key to locking down Mac products by only allowing select replacement parts into the machine when they've come from an authorized source -- a process that the T2 chip now checks for during post-repair reboot. "It's very possible the goal is to exert more control over who can perform repairs by limiting access to parts," Wiens said. "This could be an attempt to grab more market share from the independent repair providers. Or it could be a threat to keep their authorized network in line. We just don't know." Apple confirmed to The Verge that this is the case for repairs involving certain components on newer Macs, like the logic board and Touch ID sensor, which is the first time the company has publicly acknowledged the tool's use. But Apple could not provide a list of repairs that required this or what devices were affected. It also couldn't say whether it began this protocol with the iMac Pro's introduction last year or if it's a new policy instituted recently.

First revealed last month by MacRumors and Motherboard, both of which got their hands on an internal Apple document, the T2 chip could render a computer inoperable if, say, the logic board is replaced, unless the chip recognizes a special piece of diagnostic software has been run. That means if you wanted to repair certain key parts of your MacBook, iMac, or Mac mini, you would need to go to an official Apple Store or a repair shop that's part of the company's Authorized Service Provider (ASP) network. If you want to repair or rebuild portions of those devices on your own, you simply can't -- at least, according to this document. The parts affected, according to the document, are the display assembly, logic board, top case, and Touch ID board for the MacBook Pro, and the logic board and flash storage on the iMac Pro. It is also likely that logic board repairs on the new MacBook Air and Mac mini are affected, as well as the Mac mini's flash storage. Yet, the document, which is believed to have been distributed earlier this year, does not mention those products because they were unannounced at the time. Regardless, to replace those parts, a technician would need to run what's known as the AST 2 System Configuration suite, which Apple only distributes to Apple Stores and certified ASPs. So DIY shops and those out of the Apple network would be out of luck.

11 of 179 comments

  1. Re:Secure enclave. by Balial · · Score: 3

    I'd have no problem with something like a boot warning of unauthorized repairs, but prohibiting owners from fixing their own fucking equipment stinks.

    Do you have a proposal for how to separate these two? What's to stop a malicious change from masking this boot warning? The security point of the T2 chip is well documented by Apple. The conspiracy theories are the same for the iPhone, though. Bottom line: You can't make a secure system if you allow random modifications. The tiny market share of people who are going to tweak their devices isn't worth forsaking real security for everyone else.

  2. News for nerds by taskiss · · Score: 4, Insightful

    "...the T2 chip could render a computer inoperable..." and it went on from there. The hinge of this whole story rests on a "could". Twist the hinge one way, there is no story, the other way, and ... well ... you get this flame bait

    You know, stuff that matters.

    --
    - real hackers don't have sigs -
    1. Re:News for nerds by swillden · · Score: 2

      "...the T2 chip could render a computer inoperable..." and it went on from there. The hinge of this whole story rests on a "could". Twist the hinge one way, there is no story, the other way, and ... well ... you get this flame bait

      I disagree. There is a story here, though it's one without a clear villain, which slashdot will find uncomfortable.

      It is a problem if third-party repair services are effectively blocked. As another commenter points out, it may even be illegal. However, I also see Apple's point. When you're trying to secure a device against hardware attack, the integrity of the components is critical, as is the ability to transmit data between them securely. Since it's all but impossible to keep the various communications busses inaccessible to attackers, you cryptographically authenticate the components to one another and encrypt the traffic (this also denies the data to attackers doing EM sniffing). But to do that you need the components to have a shared key, which means you need a pairing step -- and that pairing step must be something the attacker can't do. This is easy to arrange in the factory, and not too hard to arrange in authorized repair facilities, but allowing any third party to do it without also allowing attackers to do it is really hard (and, no, asymmetric cryptography doesn't fix this. To paraphrase Bruce Schneier, "If you think asymmetric cryptography solves this problem, you don't understand asymmetric cryptography and you don't understand this problem.").

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
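A minimal model of the scheme described in the comment above (a shared pairing key, challenge-response authentication between components, and a traffic key derived from the pairing key), added here as an illustration; it is not part of the comment and is not Apple's T2 protocol. `Component`, `Replayer`, `pair` and `mutual_auth` are hypothetical names, and the parts and the sniffed response are constructed.

```python
import hashlib
import hmac
import secrets

class Component:
    """Hypothetical bus component (e.g. a controller or a sensor board)."""

    def __init__(self, name):
        self.name = name
        self.pair_key = None          # set only by the pairing step

    def respond(self, challenge):
        # An unpaired part has no shared key; a random key models its best guess.
        key = self.pair_key or secrets.token_bytes(32)
        return hmac.new(key, b"auth" + challenge, hashlib.sha256).digest()

    def verify_peer(self, peer):
        if self.pair_key is None:
            return False
        challenge = secrets.token_bytes(16)   # fresh nonce, so old answers are useless
        expected = hmac.new(self.pair_key, b"auth" + challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, peer.respond(challenge))

    def session_key(self, nonce_a, nonce_b):
        # Traffic key derived from the pairing key; the key itself never crosses the bus.
        return hmac.new(self.pair_key, b"sess" + nonce_a + nonce_b, hashlib.sha256).digest()

class Replayer:
    """Constructed bus sniffer: replays one response it recorded earlier."""
    def __init__(self, recorded):
        self.recorded = recorded
    def respond(self, challenge):
        return self.recorded

def pair(a, b):
    """Pairing step: whoever can run this decides which parts are trusted."""
    a.pair_key = b.pair_key = secrets.token_bytes(32)

def mutual_auth(a, b):
    return a.verify_peer(b) and b.verify_peer(a)

if __name__ == "__main__":
    controller, sensor, spare = Component("controller"), Component("sensor"), Component("spare")
    pair(controller, sensor)
    print("factory-paired sensor:", mutual_auth(controller, sensor))
    print("swapped-in spare:     ", mutual_auth(controller, spare))
    print("replayed response:    ", controller.verify_peer(Replayer(sensor.respond(b"\x00" * 16))))
    pair(controller, spare)
    print("spare after pairing:  ", mutual_auth(controller, spare))
```

The model makes the trade-off in the comment concrete: the only thing separating a legitimate replacement part from a hostile one is who is able to call `pair`.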
    2. Re:News for nerds by AmiMoJo · · Score: 2

      Apple has already blocked the installation of Linux by having the T2 chip disable all internal storage when you try. They have form with repairs too, such as the 3rd party iPhone home button/fingerprint scanners being rejected. Even the last MacBook Pro they released removed the data recovery header so that if the mobo dies you can't get anything off the soldered-down SSD any more.

      There is a clear pattern here. Apple has always hated third party repairs, or giving users control of their computers and phones.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  3. Re:Secure enclave. by Desler · · Score: 2

    Or they can just ignore the complaints coming from a niche user group composed of a fraction of a fraction of a percent of all users?

  4. Stop buying Apple by Anonymous Coward · · Score: 3, Interesting

    The hardware quality advantage of MacBooks is long gone. OS X has become a pile of iCloud infested junk. There is simply no reason to buy an Apple product anymore. They've abandoned the power user and no longer innovate. The only thing they can do is build lock-in devices to try to keep customers on their stagnant technology.

    I was using Mac laptops since the PowerPC days. I finally gave up and built myself a Linux laptop. Do I miss a few OS X specific apps? Yes. Am I glad to be off Apple's lock-in ecosystem: Hell yes. Even though I had backups I wanted to get the last day's work off my dead MacBook Pro. Not so easy when the SSD is soldered to the motherboard. Thanks Apple for starting that trend.

  5. Can't get them fixed around here by kerashi · · Score: 2

    Where I live, there isn't a repair shop within 100 miles, here in northeast Arkansas. I could never recommend a Mac to anyone I know, even someone heavily invested in the Apple ecosystem, because of this. It's the same story with their phones. Both of my parents have iPhones, and without an authorized repair shop anywhere nearby, not even within a 100 mile radius, I can't get them fixed without shipping them off somewhere, and being without the device for God knows how long. Meanwhile, there's an independent repair shop that will happily repair my Android phone same day within 10 miles.

    Simple fact is, computers break eventually. Nothing runs forever. Apple's insistence that we use their repair shops, which for me might as well be on the moon, is just crazy. If you can't get the thing fixed when something goes wrong, be it a cracked screen or bad keyboard or whatever, it's just disposable. And Apple products are just too expensive to be disposable.

  6. Violation of Magnuson-Moss Act by coats · · Score: 5, Informative

    This violates Federal Law, in particular the Magnuson-Moss Act (15 USC 2302(c)) requirement that says warrantors cannot require that only branded parts be used with the product in order to retain the warranty.

    --
    "My opinions are my own, and I've got *lots* of them!"
  7. Re:Secure enclave. by mellon · · Score: 5, Informative

    Yes, it's really that hard. The T2 chip prevents the evil maid attack. Put a switch in, and you've re-enabled the evil maid attack. You can have protection from this attack, or you can have repairability. It's a crappy choice. If you prefer repairability, you have options.

  8. Re:You know they are retarded by b0s0z0ku · · Score: 2

    That's old tradition dating back to Apple II (hacker-friendly computer) days.

  9. Re: Secure enclave. by blindseer · · Score: 2

    That's what happens when you live on a Caribbean island with less than 200,000 people, I can imagine a lot of services are not available there. I grew up on a farm in the American Midwest, and there were no authorized repair centers for anything nearby. If you had something critical to work then you automatically bought two of them. We bought a lot of stuff over the phone and had it shipped to us. If it didn't work for us, it needed repair, or whatever, then we had to do without until we could ship it back and have it set right. It sucked but that's what happens when you grow up so far from a population center.

    Your hardware is your choice. You can choose not to buy from vendors that don't allow user repairs. Given that a modern computer is a rather complex device, especially something so small as a laptop, cell phone, or even many desktop systems like the Mac Mini, I'm not sure what you can expect to repair yourself without special tools and training.

    A secure device is inherently not user repairable. Let's make a bad car analogy. A secure car has locks that need the proper key to open and start it. If the car is designed to be easily repaired then a thief can simply swap out the locks and take the car. A really secure car would be such that even the dealers or makers of the car can't open or start it, because that means there's a master key somewhere that a thief could exploit. Losing the key, sufficient damage to the car, or some other unfortunate event, would mean a total loss on the car rather than merely a (potentially quite expensive) repair. That's what happens when something is made to be secure.

    With all the stuff happening lately on people having their data stolen I'm finding it rather appealing that a computer manufacturer is taking this seriously. As with many things there is a compromise, with greater security comes lowered ability for repairs.

    --
    I am armed because I am free. I am free because I am armed.