AppleInsider has a good piece on Apple’s T2 chip. It’s incomplete in that it doesn’t cover the T2’s built-in image signal processor and SSD controller, but it’s still good info to have, and we recommend it.
If you spent any time looking into which Mac desktop or notebook to buy before you paid out for a shiny new machine, you’ll have seen Apple’s website extolling the fact that many of them have T2 security chips. That’s nice. Only, it’s more than nice, it’s more than a way to invisibly secure your Mac, it is a process that has a dramatic and visible effect on just about everything you do.
Check It Out: Digging into Apple’s T2 Chip
Read also the Apple Insider article referenced in this article about issues for musicians with USB2 audio interfaces. T2 does not play nicely with USB2 audio interfaces, and the only solutions are get an externally powered Thunderbolt dock or update the audio interface to one with a USB3 or Thunderbolt interface. Neither being cheap, but the price of progress, I guess.
Bryan:
This read on the T2 chip was a good one, despite the fact that I took time that I did not have to read it.
The key thought that I had throughout was about professionalism. Bear with me.
When one has a craft, trade or profession that required training and apprenticeship to achieve proficiency to ply it, it increases one’s recognition of, and appreciation for, other trades, crafts and professions. One can spot a professional at work in practically any other discipline simply by their effortless mastery of their craft in two important ways. First, they make complex tasks (eg landing an aircraft) look simple, and second, here’s what’s relevant to the T2 chip story, they can articulate in common language the complexity of things that to the untrained eye appear simple, like the T2 chip.
Apple have, for years now, made the Mac an increasingly closed system, both on the software side and increasingly on the hardware side. The iOS, tvOS and watchOS, of course, have always been closed. Factory level configuration without the option to alter post-purchase is now the standard on the most widely proliferated Mac machines, including the MBP, MBA and iMac, despite protests from sectors of the user base.
I’ve argued before, but this brief report on the T2 chip appositely underscores, that the Mac is more than simply an amalgam of disparate parts; it’s the closest thing that a machine using today’s technology can be to an organic whole, surpassing in complexity, function and capability the mere sum its parts.
This is as relevant to security as it is to performance. Current and emerging security threats are industrial level to state-sponsored in complexity, ingenuity and the rapidity of rollout. If reports of 5G alone are correct, some emerging technologies will already be compromised at rollout. Security countermeasures are now dynamic, adaptive and in-built by design in both the OS and the hardware; hardware whose security performance is, in part, a function of its integration as a system. This security paradigm cedes advantage to any company that controls the whole widget.
What does this have to do with professionalism? Security is a profession, not an amateur sport or a discipline for the dilettante. It has to be state of the art, anticipate where the industry and therefore the threats are headed for the projected life of the device in order for that device to be a valuable proposition, and it must have the means to be adapted with realtime software and firmware updates.
As a professional in an entirely different discipline, the T2 chip reminds me of what I don’t know, nor would have the time or capability to address. Not only do I not know the many things that my hardware is doing to secure my data, I don’t know enough about the technology to anticipate and correct all of the ways in which it can be compromised. Last year’s scare about the Chines military intel compromising the hardware used by multiple tech industries was discomfiting, not because the tech giants denied that they had been compromised, but because none denied the feasibility of such a hardware level attack.
I not only want my third party apps to be verified/trusted, I want the same for my system’s hardware. I also recognise that I lack the proficiency and technical prowess to know whether a piece of kit will compromise the performance/security of such an integrated system as a Mac, including security updates for hardware performance; as well as how that piece could itself be susceptible to exploit and how to determine if it is.
The best I can do as a consumer is to follow best practices in security hygiene. As for what hardware should be allowed into my devices, this is one decision that I am happy to leave to the professionals.
The Apple T2 chip is great, but it should be optional to encrypt the disk. the is no need for that on public computers having no private data or whenever the user wants, for instance at University. Otherwise encrypting-decrypting is a waste of energy and aggression to planet Earth, beware the SSD wearing involved. Is Apple listening?