Macs with Intel processors and Apple T2 Security Chip can now be broken into using simple brute force methods. A company, Forensic Focus, has announced a tool to perform password recovery.
The recovery process can only take place if one has physical possession of the device. The requirements are:
USB-C or Thunderbolt connection to the Mac
Access to the encrypted image of the Mac; the image can be acquired by putting the Mac into Target Disk Mode
This attack does not leave any traces taht a common user will notice.
Apple's T2 chip has many security functions. One of these features allows a Mac user to encrypt and decrypt data on their SSD. One of the T2 features is that it limits the number of password attempts.
The T2 has a bug that lets one bypass the limit on the number of password attempts. At that point, the Mac is wide open to brute force attacks.
Here are some details:
A 6 character password takes roughly 10 hours to crack; about a good night's sleep.
A 550,000 commonly used password database is provided
10 Billion passwords are also provided
The tool is being offered to government customers and companies with valid justifications.
Mitigations
All is not lost. Here are some of the NIST 2020 Guidelines for passwords:
Do not leave your Mac in someone else's custody
Use a longer password. Better yet, use a passphrase. Length > Complexity
Do not reset passwords periodically
Pay attention when the Mac tells you that the password is commonly used
Turn on full disk encryption.
Ransomware or Insider Risk
It is possible for an insider to ransom your Mac, steal the contents of your drive, or plant fake evidence on it.
Do not leave your Mac in the hands of someone you don't trust.
Comments