
iOS, the Future of MacOS, Freedom, Security and Privacy in Hostile G Environment - auslander
http://gist.github.com/iosecure/357e724811fe04167332ef54e736670d
======
auslander
Don't get me wrong, Apple is your best bet at being secure, just challenging
the champion here :))

\- there is no Debian phone yet

\- Microsoft has more holes than Swiss cheese

\- Android is ad malware you bought, instead of being paid for

\- enabling full disk encryption in Linux is like BDSM

The post is inspired by [https://github.com/drduh/macOS-Security-and-Privacy-
Guide#fi...](https://github.com/drduh/macOS-Security-and-Privacy-Guide#first-
boot) repo and securing my hackintosh setup with FileVault2 enabled.

Hackintosh requires few non-apple kernel extensions (kexts) loaded from ESP
(EFI) partition, that is not encrypted. How do I restrict these from being
changed, and from it being malicious?

Real Apple HW is also vulnerable to DarkMatter and QuarkMatter EFI firmware
attacks ...

