I'd like to discuss the upcoming "T2" chip that Apple is starting to put in the Mac Pros, iMac Pros, and MacBook Pros (with touch-bar)"
https://www.digitaltrends.com/computing/apple-t2-chip-brings-deeper-secuirty-to-macbook-pro/Right now, an out-of-the-box macintosh has SIP enabled, primarily meaning root is neutered and you can't netboot off a server. The T2 is kicking it up a notch. Here's the highlight:
This tool also provides three settings — full, medium, and no — to control how strict the T2 chip will be during boot. For instance, the Full Security mode, set by default, requires a network connection to verify the operating system’s integrity, the latest version of MacOS, and “verifiable†software at boot. Meanwhile, the Medium Security setting doesn’t require the latest MacOS or an internet connection but still has the “verifiable software†requirement.
Read that again. Summary: "
by default, your computer requires an internet connection to BOOT"
And here I thought iPads requiring a network connection to
activate was bad!
"rootless" has been irritating enough for me at work. It would seem that what had been merely rolling downhill, has just leapt off a cliff...
(this is the hardware equivalent of "internet connection required to run the software" DRM, which as far as I can tell, Steam is the only one that has managed to pull off without starting a riot)
