zlacker

[parent] [thread] 1 comments
1. sugarp+(OP)[view] [source] 2023-07-25 16:42:06
This makes sense for iPhones but if attestation is possible on macs, as I believe it is, as well does that not sidestep most of the “equivalent to jailbreak” requirements?
replies(1): >>mike_h+C3
2. mike_h+C3[view] [source] 2023-07-25 16:54:23
>>sugarp+(OP)
Macs have alternate mechanisms that achieve the same thing. SIP de-privileges the root user, the boot filesystems are cryptographically sealed, and the kernel will prevent apps tampering with each other to at least some extent.

So whilst you can "jailbreak" a Mac you can only do it by following Apple's procedures, which leaves a trace that can detected in the remote attestation. At least I assume that's what's going on from their docs.

[go to top]