It would seem that the security measure is designed only to protect users while the lid is closed. Researchers have had to determine this feature as it has not been spelled out directly yet by Apple.Īpple did, however, say that the T2 chip was not configured to disconnect the camera at the hardware level similar to the microphone as the camera’s field of view is naturally obscured while the lid is closed. With the lid closed the OS runs in a suspended state and malware could still be activated to record conservations. Security researchers believe that the new feature was likely added to prevent malware or intrusive apps from secretly recording users when they close their lids. Despite that, the feature began shipping in January it was not mentioned in a white paper published in January.
This is because the hardware disconnect will only work on those products with lids, such as the MacBook Pro and MacBook Air.
It is important to note that what Apple terms their portable products, namely iPhone and iPad, will not have the new feature.
The iMac Pro and the MacBook Pro models from 2018 already come with the new T2 chips installed. Apple started shipping products with its new T2 security chip in January this year. The T2 is not incredibly new as one might expect. On the newest Macs, T2 chips are the foundation for new features like the APFS encrypted storage system, a more robust secure boot process, and the TouchID authentication on Macs. They operate separately from the main CPU, been used exclusively to handle encryption related operations in a secure, hard-to-tamper chipset. In summary for those not wanting to read the entire white paper, the T2 is a secure co-processor that is embedded in the latest Apple devices. “All Mac portables with the Apple T2 Security Chip feature a hardware disconnect that ensures that the microphone is disabled whenever the lid is closed…This disconnect is implemented in hardware alone, and therefore prevents any software, even with root or kernel privileges in macOS, and even the software on the T2 chip, from engaging the microphone when the lid is closed.”
In a white paper published by Apple detailing the new chips features Apple had the following to say,
While Apple doesn't like to talk about malware, recently there are quite a few browser hijackers (for example weknow.ac, ), potentially unwanted applications (for example advanced mac cleaner, mac cleanup pro) and adware (for example CoinTicker, MacOSDefender) targeting Mac OS operating system.
Secretly recording user conversations using the webcam, for example, has become a staple feature of many spyware and other malware variants over the last several years. This new feature can be seen as a security enhancement designed to prevent malware from secretly recording users. Apple further revealed that all new notebooks that come with a built-in T2 security chip will now disconnect the built-in microphone at the hardware level when users close their devices' lids. It has almost been a week since Apple unveiled the new MacBook Air in Brooklyn, New York, the reveal was important for another reason.