Hacker News new | past | comments | ask | show | jobs | submit login

You can even set a firmware password on top of that to block any attempts to boot into target disk mode or single user or recovery



Firmware passwords are trivial to bypass if you have physical access and the proper tools. [0]

$30 gets you the equipment needed to dump, modify, and re-write the firmware, clearing any firmware password.

[0] https://trmm.net/SPI_flash


Granted I maybe missed it but this doesn't Specifically State that it was successfully used to by pass the firmware lock? Since 2010 Apple has worked hard to close these loopholes https://m.imore.com/how-set-your-macs-firmware-password-and-...


Apple still does not integrate a TPM into their laptops.

And it doesn't matter, even if they did, you could modify the firmware on flash to bypass the checks.

There is nothing stopping someone with physical access from removing the firmware password via SPI flash.

It is a fundamental flaw of x86, IMHO, that there is no Boot ROM (BROM) which can perform signature/integrity checks on the UEFI firmware. ARM has this, x86 does not.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: