cross-posted from: https://lemmy.sdf.org/post/41050620

Spy chips are:

  • Intel CPUs after ~2008
  • AMD CPUs after ~2013
  • Arm CPUs (not sure when they started the TrustZone stuff but likely around 2013 since AMD uses TrustZone)

I believe IBM Power9 chips are spy chip free, but not sure about the successors.

Anyway, the question is about Apple chips. Web searches are lousy these days. I find nothing to confirm or deny the presence of management engines in Apple (Motorola?) CPUs.

Intuitively, I don’t think it would make business sense for Apple to do that because a majority of their customers are non-corporate individuals (unlike Intel). OTOH, if that were sound logic then it would seem to contradict Arm chips which are also largely bought by non-corporate individuals.

Anyway, if anyone knows plz mention it here, ideally with a source.

Thanks!

  • m-p{3}@lemmy.ca
    9 days ago

    Technically they do through the Secure Enclave and previously the Apple T2 chip, which is what allows them to lock the device when stolen, or associate a device to an Apple Business Manager account for remote management.

    • evenwicht@lemmy.sdf.orgOP
      8 days ago

      Thanks! I would be installing Linux instead of macOS, but it does look like the hardware is compromised by this. The page you link specifically mentions these as having the feature:

      • All Mac computers with Apple silicon
      • MacBook Pro computers with Touch Bar (2016 and 2017) that contain the Apple T1 Chip

      It does not say /all/ MacBook Pros. So I wonder which MacBook Pros do not have that T1 chip.

      I also somewhat distrust that /all/ Mac computers w/Apple silicon. Surely the really old hardware like G3 wouldn’t?¹

      The most interesting would be old 2nd-hand hardware that is free from this Secure Enclave, but still new enough to run recent macOS if I want to occasionally boot macOS for hardware testing purposes. I heard the next couple generations of macOS will require at least an M1 chip. Guess I need to research where that stands w.r.t. Secure Enclave.

      (edit) The T2 chip page lists:

      • MacBook Pro (13-inch, 2018, Four Thunderbolt 3 ports)

      I think the MacBook Pros that future non-x86 macOS would run on were described as having Four Thunderbolt 3 ports, so I guess that rules out MacBook Pros. IOW, no MacBook Pro is spychip-free and simultaneously capable of supporting the next macOS.

      ¹ I assumed Apple Silicon referred to Motorola chips, but the Wikipedia page says Apple Silicon refers to Arm chips.

      • m-p{3}@lemmy.ca
        9 days ago

        I don’t have an exhaustive list of all the models, but I’d say that almost all Macs without the T2 or Secure Enclave have reached end of support and won’t be able to run any OS that still receives security updates. Ventura (macOS 13) will be end of support very soon, so that leaves Sonoma (14), Sequoia (15) and the upcoming Tahoe (26).

        I’m pretty sure that by the end of next year, all the Intel-based Macs will no longer receive security updates, leaving only the M-based CPUs with support.