iMac Pro Features New T2 Chip for Extra Security
According to a handful of early reviews, Apple’s new iMac Pro is an absolute beast of a machine. While detailed performance reviews will likely emerge over the next few weeks it is worth point out that Apple’s next-generation pro desktop will bring some welcomed changes to the currently shipping Macs.
Apple’s iMac Pro will support a new custom chip called T2, which is responsible for storing encryption keys, handling secure boot, and handling several system-level security functions.
Details on the T2 chip were revealed on Tuesday by Cabel Sasser, cofounder of developer Panic. According to Sasser, the T2 chip combines previously discrete functions, including the system management controller, image signal processor for FaceTime camera, audio control, and SSD control.
? Security. This new chip means storage encryption keys pass from the secure enclave to the hardware encryption engine in-chip — your key never leaves the chip. And, they it allows for hardware verification of OS, kernel, boot loader, firmware, etc. (This can be disabled…) pic.twitter.com/qKJ6bHdtr8
— Cabel Sasser (@cabel) December 12, 2017
Similar to the MacBook Pro’s T1 chip, the T2 chip has a secure enclave for storing information like passwords. In addition, the successor security chip feature a hardware encryption engine.
To take advantage of the T2 chip, the iMac Pro’s version of macOS High Sierra includes a new “Startup Security Utility” option. Using this will allow users to turn on a firmware password to prevent a computer from starting up from a different hard disk, CD or DVD without the password.
Apple’s macOS operating system also gains new “Secure Boot” options, ranging from “Full Security” to “Medium Security” or none. When “Full Security” is enabled, the system ensures only the latest and most secure software can be run, requiring a network connection at software installation time.
Apple’s first T1 chip launched in late 2016 in the MacBook Pro. There, it is responsible for Touch ID authentication, as well as the secure enclave for storing Apple Pay credentials.
The details on the iMac Pro T2 chip would seem to dispel earlier rumors that claimed Apple would build a full-fledged A10 chip into the iMac Pro.
Other reports suggested that the addition of custom Apple silicon in the iMac Pro could enable always-on “Hey Siri” support. Sasser’s notes on Twitter gave no mention of “Hey Siri” support, but given the T2’s integration with other key components in the iMac Pro, it’s possible that it could be coming in a future macOS update.