genew@telus.net
Date: Thu, 04 Oct 2018 20:43:44 -0700
David Gewirtz for ZDNet, 3 Oct 2018
The one serious MacBook Pro security flaw that nobody is talking about
Every MacBook since 2015 and every MacBook Pro since 2016 is at risk.
Here's how you can keep your machines safe.
selected text:
With my 2015 MacBook equipped with a MagSafe port, if I want to charge the
machine, I just plug it in. There's no risk of a data connection. As long as
I have networking off and nothing plugged into any of my ports, I'm
safe. I'm air-gapped from the rest of the world.
MacBooks before 2015 and MacBook Pros before 2016 could charge without any
risk, as long as everything else was off, empty, or disconnected. Prior to
the USB C-only MacBook Pros, at least charging the device wasn't a possible
hacking vector. But with the MacBook from 2015 on, and for the MacBook Pros
from 2016 on, the only way you can charge the notebook is by connecting to a
USB-C port.
That's right. In order to charge the machine, you must connect to a port capable of transferring data. You have no choice.