As the tweet mentions, there is a disparity for OS-level access to UEFI runtime services.
The last piece in the puzzle that is the booting of a Mac is understanding how any given volume is made bootable, and how it can be made the next startup volume.[…]
Settings that can be audited/fixed:
enable automatic updates
enable admin password preferences
enable terminal secure entry
disable firewall built-in software
disable firewall downloaded signed
disable mail remote content
disable remote apple events
disable remote login
set airdrop contacts only
set appstore update check daily
check kext loading consent
check EFI integrity
check firmware password set
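An added example, not code from the original page or from whatever tool produced the list above: an offline-testable audit of those settings. Each check_* function takes the captured output of the stock macOS command named in its comment and echoes PASS or FAIL, so the parsing can be exercised on any OS; audit_live runs the real commands on a Mac. The commands and preference keys are standard macOS ones, but the reading of each list item (for instance that "disable firewall built-in software" means not auto-allowing built-in signed software through the application firewall) and the constructed sample outputs are this example's own assumptions.

```shell
#!/bin/sh
# Added example (not from the original page). Every check_* takes the CAPTURED
# OUTPUT of the macOS command in its comment as $1 and prints PASS or FAIL, so
# the logic runs anywhere; audit_live executes the real commands on macOS.
# Per-user "defaults" keys (Terminal, Mail, AirDrop) must be read as that user;
# firmwarepasswd and eficheck need root.

trim() { printf '%s' "$1" | tr -d '[:space:]'; }
# PASS when the whitespace-stripped output equals $2
expect_exact()    { if [ "$(trim "$1")" = "$2" ]; then echo PASS; else echo FAIL; fi; }
# PASS when the output contains the substring $2
expect_contains() { case "$1" in *"$2"*) echo PASS ;; *) echo FAIL ;; esac; }
# PASS when the output line matching $2 (case-insensitive) also contains $3
line_state() {
  if printf '%s\n' "$1" | grep -i -- "$2" | grep -q -- "$3"; then echo PASS; else echo FAIL; fi
}

# defaults read /Library/Preferences/com.apple.SoftwareUpdate AutomaticCheckEnabled
check_automatic_updates()          { expect_exact "$1" 1; }
# security authorizationdb read system.preferences   (right "shared" must be false)
check_admin_password_prefs()       { expect_contains "$(trim "$1")" '<key>shared</key><false/>'; }
# defaults read com.apple.Terminal SecureKeyboardEntry
check_terminal_secure_entry()      { expect_exact "$1" 1; }
# /usr/libexec/ApplicationFirewall/socketfilterfw --getallowsigned
check_firewall_builtin_signed()    { line_state "$1" 'built-in' DISABLED; }
check_firewall_downloaded_signed() { line_state "$1" 'downloaded' DISABLED; }
# defaults read com.apple.mail-shared DisableURLLoading   (1 = remote content blocked)
check_mail_remote_content()        { expect_exact "$1" 1; }
# systemsetup -getremoteappleevents / systemsetup -getremotelogin
check_remote_apple_events()        { line_state "$1" 'Remote Apple Events' Off; }
check_remote_login()               { line_state "$1" 'Remote Login' Off; }
# defaults read com.apple.sharingd DiscoverableMode   ("Contacts Only" once trimmed)
check_airdrop_contacts_only()      { expect_exact "$1" ContactsOnly; }
# defaults read /Library/Preferences/com.apple.SoftwareUpdate ScheduleFrequency
check_update_check_daily()         { expect_exact "$1" 1; }
# spctl kext-consent status
check_kext_consent()               { line_state "$1" 'User Consent' ENABLED; }
# /usr/libexec/firmwarecheckers/eficheck/eficheck --integrity-check
check_efi_integrity()              { expect_contains "$1" 'No changes detected'; }
# firmwarepasswd -check   (root)
check_firmware_password()          { line_state "$1" 'Password Enabled' Yes; }

# Run every check against the live system and print one verdict per setting.
audit_live() {
  [ "$(uname -s)" = Darwin ] || { echo "audit_live: run this on macOS" >&2; return 1; }
  while IFS='|' read -r name cmd; do
    printf '%-28s %s\n' "$name" "$("check_$name" "$($cmd 2>/dev/null)")"
  done <<'EOF'
automatic_updates|defaults read /Library/Preferences/com.apple.SoftwareUpdate AutomaticCheckEnabled
admin_password_prefs|security authorizationdb read system.preferences
terminal_secure_entry|defaults read com.apple.Terminal SecureKeyboardEntry
firewall_builtin_signed|/usr/libexec/ApplicationFirewall/socketfilterfw --getallowsigned
firewall_downloaded_signed|/usr/libexec/ApplicationFirewall/socketfilterfw --getallowsigned
mail_remote_content|defaults read com.apple.mail-shared DisableURLLoading
remote_apple_events|systemsetup -getremoteappleevents
remote_login|systemsetup -getremotelogin
airdrop_contacts_only|defaults read com.apple.sharingd DiscoverableMode
update_check_daily|defaults read /Library/Preferences/com.apple.SoftwareUpdate ScheduleFrequency
kext_consent|spctl kext-consent status
efi_integrity|/usr/libexec/firmwarecheckers/eficheck/eficheck --integrity-check
firmware_password|firmwarepasswd -check
EOF
}

# Constructed sample outputs (not captured from a real Mac) for offline use.
SAMPLE_AUTHDB='<plist version="1.0"><dict>
  <key>shared</key>
  <false/>
</dict></plist>'
SAMPLE_SOCKETFILTERFW='Automatically allow built-in signed software ENABLED
Automatically allow downloaded signed software DISABLED'

if [ "${1:-}" = --live ]; then audit_live; fi
```

Run it as `sudo sh audit.sh --live` on a Mac to get the live report; without `--live` it only defines the functions, which is what makes the parsers easy to unit-test against captured output from other machines. A FAIL from check_efi_integrity or check_firmware_password is the one worth treating as an incident rather than a configuration drift.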
Only 4 hours old, “Fresh Meat”, as they used to say in the olde days of the Interwebs.
Extracts EFI firmware installer pkg from High Sierra installer
The latter Apple support article, on Secure Boot, has been updated recently:
About Secure Boot
Mac computers that have the Apple T2 chip
Drop EFI is a droplet for mounting any EFI partition on macOS.
Works with HFS+J, APFS, NTFS GPT and Core Storage volumes.
Some time ago, I proposed that macOS 10.14 should be named Gormenghast, to reflect its many concealed and neglected features. These can trip up its own security and the protection of privacy when an old system within macOS is quietly storing sensitive data in an unprotected location. A good example is the latest vulnerability in QuickLook (or Quick Look, as Apple uses both forms). Here is a brief overview of some of the potentially sensitive information which macOS secretes away in unexpected places. If you’re concerned about protecting the security of your data, these should be places to watch; if you’re a forensic analyst, these are often rewarding places to look.[…]
Apple has a new file system, APFS. This causes Hackintosh people lots of grief. There are lots of Apple APFS binaries online, and now there’s this:
Implementation of the AppleLoadImage protocol discovered in Apple's ApfsJumpStart driver. This protocol is installed in CoreDxe in Apple's firmware, and gives the ability to use the native ApfsJumpStart driver from Apple firmware.
cugu for awesome research on the APFS structure
CupertinoNet and Download-Fritz for Apple EFI reverse engineering
vit9696 for code review and support during development
Chip vendors controlling the security of OSes should be more transparent in their selection process. They should maintain a list of OSVs for which they maintain embargoed fixes. Then users could determine if they want to trust the OS or not, or try to lobby to try and get the ISA vendor to support their OS. Is the OS on the list? OK, then they may have some chance at fixing things. If not on the list, I expect to be vulnerable until the embargo ends. There are MANY more OSes than Microsoft Windows, Apple macOS, a limited number of Linux distros, and sometimes FreeBSD.
In some forums, Bryan Cantrill is crafting a fiction. He is saying the FPU problem (and other problems) were received as a leak. He is not being truthful, inventing a storyline, and has not asked me for the facts. This was discovered by guessing Intel made a mistake. We are doing the best for OpenBSD. Our commit is best effort for our user community when Intel didn’t reply to mails asking for us to be included. But we were not included, there was no reply. End of story. That leaves us to figure things out ourselves. Bryan is just upset we guessed right. It is called science.
Command Line EFI Mounter
This is a simple app that helps you mount any EFI partition inside Mac OS X.
Works on Mac OS X 10.9 to 10.13.
macOS Shell Scripts to clone the EFI partition automatically from either Carbon Copy Cloner or SuperDuper! when run on a Hackintosh
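The three EFI-partition tools above (Drop EFI, the command-line EFI mounter, and the clone-the-EFI-partition scripts for Carbon Copy Cloner/SuperDuper!) all do the same underlying work. The following added example, which is not code from any of those projects, shows that work with the stock macOS tools: parse `diskutil list` to find EFI system partitions, mount one at an explicit mount point, and mirror the source disk's EFI partition onto the clone's as a post-flight step. The parsers take captured `diskutil list` output as an argument so they run offline; mount_efi and clone_efi need root on macOS. The `/tmp/efi-*` mount points and the SAMPLE_DISKUTIL listing are constructed for the example.

```shell
#!/bin/sh
# Added example, not code from Drop EFI, Command Line EFI Mounter or the
# CCC/SuperDuper! clone scripts. Parsing functions take captured
# `diskutil list` output as $1; mount_efi/clone_efi need root on macOS.

# Print the identifier of every partition whose TYPE column is EFI.
efi_partitions() { printf '%s\n' "$1" | awk '$2 == "EFI" { print $NF }'; }

# Print the EFI partition identifier belonging to one whole disk (e.g. disk0).
efi_partition_of() {
  printf '%s\n' "$1" | awk -v d="$2" '$2 == "EFI" && $NF ~ ("^" d "s[0-9]+$") { print $NF }'
}

# Mount an EFI partition (FAT32) at its own mount point, so two EFI volumes
# never collide on /Volumes/EFI; prints the mount point.
mount_efi() {
  part=$1; mp=/tmp/efi-$part
  if [ "$(uname -s)" != Darwin ] || [ "$(id -u)" -ne 0 ]; then
    echo "mount_efi: needs root on macOS" >&2; return 1
  fi
  mkdir -p "$mp" && mount -t msdos "/dev/$part" "$mp" && echo "$mp"
}

# Mirror the EFI partition of source disk $1 onto that of destination disk $2.
# Meant as a cloner post-flight step: CCC/SuperDuper! copy the OS volume,
# this copies the bootloader partition they leave behind. Refuses to run when
# both names resolve to the same partition.
clone_efi() {
  listing=$(diskutil list)
  src=$(efi_partition_of "$listing" "$1"); dst=$(efi_partition_of "$listing" "$2")
  if [ -z "$src" ] || [ -z "$dst" ]; then echo "clone_efi: no EFI partition on $1 or $2" >&2; return 1; fi
  if [ "$src" = "$dst" ]; then echo "clone_efi: source and destination are the same" >&2; return 1; fi
  smp=$(mount_efi "$src") || return 1
  dmp=$(mount_efi "$dst") || { umount "$smp"; return 1; }
  if rsync -a --delete "$smp/" "$dmp/"; then rc=0; else rc=1; fi
  umount "$dmp"; umount "$smp"
  return $rc
}

# Constructed `diskutil list` output (not from a real Mac) for offline use.
SAMPLE_DISKUTIL='/dev/disk0 (internal, physical):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *500.3 GB   disk0
   1:                        EFI EFI                     209.7 MB   disk0s1
   2:                 Apple_APFS Container disk1         500.1 GB   disk0s2

/dev/disk2 (external, physical):
   #:                       TYPE NAME                    SIZE       IDENTIFIER
   0:      GUID_partition_scheme                        *1.0 TB     disk2
   1:                        EFI EFI                     209.7 MB   disk2s1
   2:                  Apple_HFS Backup                  999.9 GB   disk2s2'

# Usage on a Mac, as root:  sh efi.sh disk0 disk2   (source disk, destination disk)
if [ $# -eq 2 ]; then clone_efi "$1" "$2"; fi
```

The explicit mount point matters: `diskutil mount` puts every FAT volume named EFI under /Volumes/EFI, /Volumes/EFI 1, and so on, which makes "which one is the source" a guess inside a post-flight script. Mounting by identifier under a path derived from that identifier removes the ambiguity, and the same-partition check prevents an `rsync --delete` from running a volume against itself.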