Apple: Difference between revisions
Corrected and added information on Apple Mac Boot Security with Apple Silicon chips |
SinexTitan (talk | contribs) software are products too |
||
| Line 51: | Line 51: | ||
On Macs with Apple Silicon, the user can select from two modes of secure boot: | On Macs with Apple Silicon, the user can select from two modes of secure boot: | ||
* Permissive Security: Accessible only via recovery Terminal tools (and still enforces Apple’s secure chain for much of the boot). This is the lowest available security policy on Apple silicon but does not remove secure boot entirely in the way “No Security” used to. | *Permissive Security: Accessible only via recovery Terminal tools (and still enforces Apple’s secure chain for much of the boot). This is the lowest available security policy on Apple silicon but does not remove secure boot entirely in the way “No Security” used to. | ||
* Reduced Security: Allows booting older versions of macOS trusted by Apple but still enforces signed OS policy. | *Reduced Security: Allows booting older versions of macOS trusted by Apple but still enforces signed OS policy. | ||
* Full Security: Only the currently signed macOS version trusted by Apple can boot. | *Full Security: Only the currently signed macOS version trusted by Apple can boot. | ||
iOS devices only support Full Security mode. The device checks for a cryptographic "ticket,"<ref>{{Cite web |date=2024-11-20 |title=APTicket |url=https://theapplewiki.com/wiki/APTicket |url-status=live |archive-url=https://archive.ph/jTHEl |archive-date=2025-10-26 |access-date=2025-10-26 |website=theapplewiki.com}}</ref> which are tied to the OS version and CPU serial number. These are provided by a server, which only provides them for the latest version (with very specific exceptions). The device refuses to boot if the ticket does not match. Workarounds exist, but with major caveats that are not viable for most users,<ref>{{Cite web |date=2021-09-27 |title=Firmware rendering |url=https://theapplewiki.com/wiki/Firmware_downgrading |url-status=live |archive-url=https://archive.ph/wip/uT2aI |archive-date=2025-10-26 |access-date=2025-10-26 |website=theapplewiki.com}}</ref> see the technical details on [[wikipedia:SHSH_blob|SHSH blobs]]. | iOS devices only support Full Security mode. The device checks for a cryptographic "ticket,"<ref>{{Cite web |date=2024-11-20 |title=APTicket |url=https://theapplewiki.com/wiki/APTicket |url-status=live |archive-url=https://archive.ph/jTHEl |archive-date=2025-10-26 |access-date=2025-10-26 |website=theapplewiki.com}}</ref> which are tied to the OS version and CPU serial number. These are provided by a server, which only provides them for the latest version (with very specific exceptions). The device refuses to boot if the ticket does not match. Workarounds exist, but with major caveats that are not viable for most users,<ref>{{Cite web |date=2021-09-27 |title=Firmware rendering |url=https://theapplewiki.com/wiki/Firmware_downgrading |url-status=live |archive-url=https://archive.ph/wip/uT2aI |archive-date=2025-10-26 |access-date=2025-10-26 |website=theapplewiki.com}}</ref> see the technical details on [[wikipedia:SHSH_blob|SHSH blobs]]. | ||
| Line 172: | Line 172: | ||
*Apple Vision | *Apple Vision | ||
*Apple Pencil | *Apple Pencil | ||
*[[Apple App Store]] | *[[Apple App Store]] | ||
| Line 180: | Line 178: | ||
==See also== | ==See also== | ||
* [[Google]] | |||
* [[Microsoft]] | |||
* [[Samsung]] | |||
==References== | ==References== | ||