(www.jeffgeerling.com)

420 points speckx | 3 comments | 11 Jul 25 14:06 UTC | HN request time: 0.789s | source

Show context

porphyra ◴[11 Jul 25 15:23 UTC] No.44533210[source]▶

There are also shops in China that will upgrade the SSD in a mac mini for cheaper and they will do all the work of the DFU restore etc.

replies(3): >>44533225 #>>44533294 #>>44533743 #

ttul ◴[11 Jul 25 15:24 UTC] No.44533225[source]▶

>>44533210 #

And when the machine arrives back in the States, it even has a fresh CPC ROM soldered onto the back of the SOC!

replies(4): >>44533283 #>>44533301 #>>44533357 #>>44533397 #

hollerith ◴[11 Jul 25 15:38 UTC] No.44533397[source]▶

>>44533225 #

I'm not a security researcher, but I get the distinct impression that Apple's hardware security is good enough that if you actually had an evil-maid attack on the M4 Pro Mac mini, it would instantly become the hottest news in the security community.

replies(3): >>44534237 #>>44536090 #>>44539601 #

1. FireBeyond ◴[11 Jul 25 19:36 UTC] No.44536090[source]▶

>>44533397 #

It is mindboggling simple to override Apple MDM and device enrollment for MBPs. In a manner that is one and done, survives upgrades etc.

Two minutes or less, 4 DNS entries.

I'm a lot less convinced than you are of the hardiness of Apple's security.

replies(2): >>44536473 #>>44537350 #

2. bigyabai ◴[11 Jul 25 20:24 UTC] No.44536473[source]▶

>>44536090 (TP) #

To be fair, the parent comment did qualify their uncertainty four whole times:

1) "I'm not a security researcher" (ethos; repeal to authority)

2) "I get" (pathos; personal opinion)

3) "distinct impression" (pathos; emotional appeal)

4) "good enough" (logos; implies security is immeasurable/infeasible to prove)

Now, I wouldn't get caught dead endorsing a company that I have to write so many excuses for. But they did warn you!

3. hollerith ◴[11 Jul 25 22:20 UTC] No.44537350[source]▶

>>44536090 (TP) #

I wrote "Apple's hardware security".

↑

Upgrading an M4 Pro Mac mini's storage for half the price