Could old images be retained on a device or your Mac after you had securely erased it using Erase Assistant?
Secure Enclave
Quantum computers are coming, and with them the likelihood they can break today’s encryption methods. Prepare now against the future, using iMessage’s latest features.
Secure Boot and its 5 stages, the SSV, support for external bootable disks, the SEP, Recovery, and lightweight virtualisation.
First added to Macs in the T1 chip, the Secure Enclave makes it far harder for an attacker to gain access to secrets like the FileVault encryption key.
macOS has two types of keychain, and its tools for working with them, Keychain Access and the command tool security, only work fully with one type.
On T2 and M1 Macs, FileVault provides robust protection of the Data volume on internal storage without any performance penalty.
Summary and links for the latest information about what’s in the current M1 chip, from differences in caches between cores, to the Matrix Coprocessor and Fabric limitations.
What is FileVault encryption? Is it the same as that on an M1 Mac’s internal SSD, or something different? How can you use it instead of overwriting an SSD? Which boot volumes are encrypted?
A strange volume named xART or xarts, secure memory management, and long random numbers: how they fit together to protect against replay attacks.
Unlike Intel Macs, M1 models always start booting from internal SSD, and can only offer full Recovery from there too. This has benefits, and some drawbacks too.
The Eclectic Light Company 