hoakley July 15, 2018 Macs, Technology

New Apple support articles about MacBook Pro 2018 model with the T2 chip (updated)

New MacBook Pro models (2018) with a Touch Bar incorporate the same T2 chip which is built into the iMac Pro. Apple has just published a set of support articles detailing the changes brought by this chip, and how this changes security features of those models. Here are some that you may find useful:

About SSD encryption in new MacBook Pro 2018 and iMac Pro models with the T2 chip
About Secure Boot in Macs with the T2 chip
About Macs with the T2 chip
Identifying different models of MacBook Pro with links to their tech specs
Startup Security Utility for Macs with the T2 chip
Macs with the T2 chip don’t support starting up from network volumes which is a big issue for sysadmins.

I have included these and a couple of other updated support articles in my list of new and updated support articles.

Thanks to @mikeymikey for drawing attention to what looks like the first bug in the T2 firmware in the new MacBook Pro: if you press the Power button at about the same time that you connect your MacBook Pro to mains power, it can enter a mode in which the fans run at full speed. You may need to reset the ‘SMC’ (now part of the T2 chip functionality) to fix this.

To do that on one of these new T2-equipped MacBook Pros, shut the laptop down, then press and hold its Power button for 8 seconds. After releasing the Power button, wait a few seconds longer, then press the Power button again to start it up. Apple seems to want each Mac model to have quite different procedures for important tasks like resetting the SMC, which is exceedingly confusing.

The SMC reset procedure is detailed here, and the full-fan bug is explained here.

Another significant support note explains that, prior to selling or otherwise disposing of a MacBook Pro with a Touch Bar, you should clear all sensitive data from its secure enclave by starting up in Recovery mode, entering Terminal, and typing the command
xartutil --erase-all
You’ll be prompted to confirm that you want to clear the data. After confirming, quit Terminal and shut down.

(Further updated 16 July 2018.)

4Comments

Add yours

1

Week 28 – 2018 – This Week In 4n6 on July 15, 2018 at 12:01 pm

[…] Howard Oakley at ‘The Eclectic Light Company’ advises that Apple has updated its articles regarding the 2018 MacBook Pro’s use of the T2 chip. My understanding is that this means that the SSD cannot be removed from the computer and as a result you’ll need to use a bootable OS (for example Caine, Paladin, Recon Imager, Macquisition with the latter two probably being preferrable) to obtain an image. New Apple support articles about MacBook Pro 2018 model with the T2 chip […]

LikeLike
2

Tony on July 15, 2018 at 6:09 pm

This is a useful compendium, thank you.

The inability to start-up a T2-equipped Mac from a network volume feels a little unfinished to me. The T2 options forbidding start-up from external drives are sensible and useful if you have that security need. However, they include “No security – Does not enforce any requirements on the bootable OS”; I would expect that option to allow a network OS. Since the wording seems hard to misunderstand, perhaps the network boot will reappear in the future (or Dictionary will explain how “does not enforce any” has come to mean “enforces some”).

On a related note, I wiped a Sierra-based iMac recently (using Disk utility during reinstall as recommended by Apple when disposing of a machine) and then tried to reload Sierra via macOS recovery. Only internet recovery was available, other options were not working (Cmd-R offered the internet recovery and the other combinations of keys with Cmd-R simply didn’t work). After a long time at the spinning globe, I got an Apple logo but a couple of hours later nothing else had happened (using 50Mb/s broadband).

I tried this twice before concluding that it didn’t work and rebooted from a Time Machine disk instead. I thought that the internet boot was the ultimate recovery mechanism for a scrambled HD but my confidence is now shaken.

LikeLiked by 1 person
- 3
  
  hoakley on July 16, 2018 at 6:21 am
  
  Thanks, Tony.
  I’m not sure whether Apple intends allowing T2-equipped Macs to boot from a network: the iMac Pro still doesn’t, and there must have been plenty of corporate customers calling for that since its release.
  Regarding the Reinstall macOS procedures, Apple hasn’t changed anything in its support note to state that doesn’t work any more. Recently some of Apple’s update servers seem to have been responding very slowly, so I wonder if it was a temporary issue rather than any lasting change.
  Howard.
  
  LikeLike
  - 4
    
    Tony on July 16, 2018 at 10:35 am
    
    Thanks for the Support Note reference; that was the one I used, in fact, so your suggestion that the servers were very slow is probably correct. I did try on two different days but that doesn’t prove anything.
    
    LikeLiked by 1 person

·Comments are closed.

Share this:

Related