Cracking the T2 Chip
Passware provides tools that can crack passwords on PCs and Macs. The latest version of the kit adds support for Windows 11 and macOS Monterey. The release notes for the macOS Monterey capabilities say:
All of the features of the Mac version of the Passware Kit are now fully supported for macOS Monterey, including but not limited to Keychain data extraction, password recovery for FileVault2/APFS and Apple DMG, user password extraction from a memory image, and APFS unlock for Macs with Apple T2.
There is no public demonstration of this capability but that’s likely because Passware only sells its products to governments, law enforcement agencies, and certain private companies.
However, 9to5Mac has learned that Passware is now offering an add-on module that can defeat Macs with the T2 chip, apparently by bypassing the features designed to prevent multiple guesses. Having defeated this protection, users can then apply the dictionary of their choice. Passware provides a dictionary of the 550,000 most commonly-used passwords (created from various data breaches), along with a larger one of 10 billion passwords.
The T2 chip [PDF] was released by Apple in 2018. It handles such features as Touch ID, secure boot, SSD encryption, and more tasks.
This is not the first time that the chip has been defeated. In 2020 it was jailbroken with the checkra1n tool by taking advantage of two exploits, Checkm8 and Blackbird. At the time, the T2 chips were considered “unpatchable” and it’s unknown if Apple has been able to fix the security issue in subsequent updates of the Mac.