Skip to main content

EFI firmware protection locks down newer Macs

posted onOctober 31, 2012
by l33tdawg

With Apple's firmware password feature on Mac systems you can lock down the options to select an alternative startup disk, boot to Safe or Single User modes, reset the PRAM, and otherwise start the system in ways that can bypass the security features of OS X.

However, as a security measure the firmware password has been met with some criticism because it could easily be bypassed by someone who has physical access to the system. In earlier Intel-based Macs the firmware password was stored in the PRAM of the system, and was simply read by the system's EFI firmware before other PRAM variables in order to maintain the lock on the system; however, this setup had drawbacks that allowed the firmware to be reset or even revealed.

Altering the system's hardware configuration, such as by removing or adding RAM modules, would clear the security password and permit booting to alternative modes. Not only did this basic way of bypassing the password exist, but the password was also not stored very securely. While administrative rights are required to uncover it, with these rights one can use included utilities in OS X to reveal the password in the PRAM, which is masked only by a simple obfuscation routine.

Source

Tags

Apple Security

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Simplenews subscription

Stay informed - subscribe to our newsletter.
The subscriber's email address.
Keeping Knowledge Free for Over a Decade

Copyright © 2018 Hack In The Box. All rights reserved.

36th Floor, Menara Maxis, Kuala Lumpur City Centre 50088 Kuala Lumpur Malaysia
Tel: +603-2615-7299 Fax: +603-2615-0088