Mac – Are Macs vulnerable to the recent SSD encryption vulnerability

macSecurityssd

It was recently discovered that the hardware encryption of many SSDs is completely broken and cannot be trusted at all.

Can this affect Macs? Does MacOS trust the hardware encryption of the SSD drives, or does it always use software encryption? Is there a way to check whether SSD-based or software encryption is being used?

Best Answer

This does not affect Mac because Apple doesn't use the SSD's built in hardware encryption algorithm. Apple's FileVault uses an XTS-AES 128 cipher that's "tied" to a password and protects the boot partition of your drive (the EFI is not).

The SSDs mentioned in the article can have the master password "reset" by simply writing a single bit to the SSD's firmware.

Operating Systems like macOS and FreeBSD boot an un-encrypted partition first, then it boots the encrypted one based on a password/phrase/credential supplied by the user.

Does MacOS trust the hardware encryption of the SSD drives, or does it always use software encryption?

It doesn't trust it nor distrust it. It uses it's own encryption rather than what's included with the drive.

Is there a way to check whether SSD-based or software encryption is being used?

For macOS through Sierra (10.12.x):

diskutil info diskX | grep -i encrypted

For macOS High Sierra and (10.13.x):

diskutil apfs list | grep -B6 FileVault

Related Solutions

MacOS – What GPU functions or capabilities are behind AirPlay mirroring

There's some misinformation going on at the moment on what exactly is needed for Macs to support AirPlay Mirroring. The cultofmac article correctly states direct access to the GPU for H264 encoding but this is supported on Macs older than the one's listed to support AirPlay Mirroring. So this isn't the main requirement.

The really important feature to make AirPlay Mirroring work is Intel's QuickSync baked into Sandy Bridge CPUs. And only the newer devices listed by Apple have that. So the main requirement for AirPlay Mirroring is a specific CPU feature, not GPU.

MacOS – Are Macs vulnerable to the Bash shellshock bug

Yes you are technically vulnerable. So if you feel like panicking or billing a panicked client for a few hours of panic work, go for it!

But the reality is unless you allow SSH access from remote connections or a web server that runs server side scripting, you are not at risk. You are only truly vulnerable if someone you do not know can remotely access your machine & do so in a way where a Bash command can be executed.

Meaning your desktop Mac—which really does not run server applications of any kind—is not at any serious risk. I am willing to eat some proverbial “humble pie” here, but I do not think the majority of Mac users out there will be at risk at the end of the day.

So this issue is mainly of concern to system administrators on Mac OS X & Unix/Linux servers exposed to the world, not desktop users who do not enable SSH sharing.

Perhaps there is an edge risk of a Mac malware or virus being created to exploit this risk, but I doubt it.

EDIT: And just to elaborate how this issue is—in my humble opinion—not really an issue to most average users, yes I can run the following command from bash on Mac OS X 10.9.5:

env x='() { :;}; echo vulnerable' bash -c 'echo hello'

And I see this:

vulnerable
hello

Guess what? That is only terrifying if you don’t rationally think this out. I had to already have been logged into my Mac to even open the Terminal. And to negate what I said about SSH above, to even get to the point I can run this test even if SSH is enabled I would still have to be logged in to begin with. And then—let’s say I get access via SSH—the command does not allow me to do ANYTHING past my normal user rights such as this:

env x='() { :;}; echo vulnerable' bash -c 'cat /etc/ssh_host_rsa_key'

Meaning if you truly are vulnerable to being exploited by this hack, your core security on the system would have to be so compromised that the fact that bash has a flaw is really the very least of your issues.

This is a concern from an overall control & rights issue as it as the potential to allow unintended access since the behavior extends outside of expected norms. But in my humble opinion, it is not a risk on par with OpenSSL or the garden variety “let me leave my password on a note taped to my screen” risks.

At the end of the day I am still patching all of my Linux/Unix servers I run as standard procedure. And will happily patch the Macs I manage once a fix is out. But for practical day-to-day use I feel fine not worrying about this since I do not understand how a flaw that does not allow for elevated user privileges adds up to anything.

UPDATE: Official word from Apple posted here; emphasis mine:

“The vast majority of OS X users are not at risk to recently reported bash vulnerabilities," an Apple spokesperson told iMore. "Bash, a UNIX command shell and language included in OS X, has a weakness that could allow unauthorized users to remotely gain control of vulnerable systems. With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced UNIX services. We are working to quickly provide a software update for our advanced UNIX users.”

Translation: What I said above about this being a server issue & not a client issue? Exactly.

A FINAL UDPATE: For anyone struggling with compiling from source, as of September 29th, Apple has officially released patches for Mac OS X 10.9.5, 10.8.5 as well as 10.7.5:

YET ANOTHER FINAL UPDATE: And now, Apple has just released a combination security update today that includes the bash update as well!

Note: Security Update 2014-005 includes the security content of OS X bash Update 1.0

Best Answer

Related Solutions

MacOS – What GPU functions or capabilities are behind AirPlay mirroring

MacOS – Are Macs vulnerable to the Bash shellshock bug

Related Question