macOS High Sierra Automatically Performs Security Check on EFI Firmware Each Week

by

Mac users who upgrade to macOS High Sierra will benefit from a significant new security feature that works in the background.


macOS High Sierra automatically checks a Mac's EFI firmware against Apple's database of "known good" data to ensure it hasn't been tampered with, according to a series of tweets from an Apple engineer.

The tweets have since been deleted, but a summary remains available on the Mac blog The Eclectic Light Company.

The new utility eficheck, located in /usr/libexec/firmwarecheckers/eficheck, runs automatically once a week. It checks that Mac's firmware against Apple's database of what is known to be good. If it passes, you will see nothing of this, but if there are discrepancies, you will be invited to send a report to Apple.

If the check fails, a prompt will appear with options to "Send to Apple" or "Don't Send." The selection is remembered in subsequent weeks.


The "eficheck" tool sends the binary data from the EFI firmware, and preserves user privacy by excluding data which is stored in NVRAM, according to The Eclectic Light Company. Apple will then be able to analyze the data to determine whether it has been altered by malware or anything else.

The database's library will be automatically and silently updated so long as security updates are turned on.

EFI, which stands for Extensible Firmware Interface, bridges a Mac's hardware, firmware, and operating system together to enable it to go from power-on to booting macOS.

macOS High Sierra will be publicly released on the Mac App Store later today.

Tags: security, EFI

Top Rated Comments

(View all)
Avatar
39 months ago
Huh, I wonder what this will mean for Hackintosh?
Score: 14 Votes (Like | Disagree)
Avatar
39 months ago

Huh, I wonder what this will mean for Hackintosh?

Probably nothing at all.
Will just make actual Macs more secure.
Score: 9 Votes (Like | Disagree)
Avatar
39 months ago
This is great news as it should help to guard against any sort of tampering which might result through a bad actor having temporary physical access to a machine such as at a border security point.

I honestly don't believe that Hackintoshes are being targeted here but if increasing legitimate Mac security results in Hackintoshes having a few bumps in the road then so be it IMO.
Score: 7 Votes (Like | Disagree)
Avatar
39 months ago
Spoken like a government. This is probably not to fight malware but to fight hackintoshs.
Score: 6 Votes (Like | Disagree)
Avatar
39 months ago

This sounds like a way to get rid of Hackintoshes.

Huh, I wonder what this will mean for Hackintosh?

This doesn’t affect hackintoshes. HS is working on them just fine. (The Apple employee who posted the original tweets even said don’t send in your data if you’re on a hack, because it’s useless to them.)
Score: 6 Votes (Like | Disagree)
Avatar
39 months ago

('https://www.macrumors.com/2017/09/25/macos-high-sierra-weekly-efi-security-check/')


Mac users who upgrade to macOS High Sierra will benefit from a significant new security feature that works in the background.



macOS High Sierra automatically checks a Mac's EFI firmware against Apple's database of "known good" data to ensure it hasn't been tampered with, according to a series of tweets from an Apple engineer.

The tweets have since been deleted, but a summary remains available on the Mac blog The Eclectic Light Company ('https://eclecticlight.co/2017/09/24/high-sierra-automatically-checks-efi-firmware-each-week/').If the check fails, a prompt will appear with options to "Send to Apple" or "Don't Send." The selection is remembered in subsequent weeks.



The "eficheck" tool sends the binary data from the EFI firmware, and preserves user privacy by excluding data which is stored in NVRAM, according to The Eclectic Light Company. Apple will then be able to analyze the data to determine whether it has been altered by malware or anything else.

The database's library will be automatically and silently updated so long as security updates are turned on.

macOS High Sierra will be publicly released on the Mac App Store later today.

Article Link: macOS High Sierra Automatically Performs Security Check on EFI Firmware Each Week ('https://www.macrumors.com/2017/09/25/macos-high-sierra-weekly-efi-security-check/')

This sounds like a way to get rid of Hackintoshes.
Score: 6 Votes (Like | Disagree)

Top Stories

Leaker: 'iPhone 12 mini' and iPhone 12 Storage Capacities Start at 64GB, Pro Models at 128GB

Tuesday September 29, 2020 2:31 am PDT by
Rumors suggest Apple's iPhone 12 launch event will be held on October 13, with the more affordable 5.4 and 6.1-inch devices set to ship out ahead of the more expensive 6.1-inch and 6.7-inch Pro devices, and this morning hit-and-miss leaker Jon Prosser has further committed to that date by providing alleged details on Apple's first shipment of finalized iPhone 12 units. Prosser claims the...

Hands-On With iOS 14.2's New Shazam Music Recognition Toggle in Control Center

Monday September 28, 2020 2:35 pm PDT by
Shortly after launching iOS 14, Apple introduced an upcoming iOS 14.2 update, which is now available to developers and public beta testers ahead of a public release that could come at some point in October. Subscribe to the MacRumors YouTube channel for more videos. The iOS 14.2 update mainly focuses on the Control Center, introducing a new Music Recognition toggle that deepens the Shazam...

Top Stories: iOS 14 Feature Tour, 'iPhone 12 mini' Rumors, Apple Watch Band Controversy

Saturday September 26, 2020 6:00 am PDT by
Things started to calm down a bit this week following last week's rush of media event, Apple Watch and iPad launches, and the release of iOS 14 and other operating updates. But that doesn't mean there wasn't still a lot of news, from digging deeper into iOS 14 to more iPhone 12 rumors to the uproar over trying to exchange band sizes on the new Apple Watch. On top of all of that, we heard...

DigiTimes: 12.9-inch Mini-LED iPad Pro Arriving Early 2021, Mini-LED MacBook Coming Later

Tuesday September 29, 2020 4:18 am PDT by
Apple will launch a 12.9-inch mini LED-backlit iPad Pro in early 2021 and a mini LED-backlit MacBook in the second-half of next year, according to DigiTimes. The Taiwan-based industry publication claims Epistar will supply the over-10,000 mini LEDs used in each iPad Pro tablet. Meanwhile, Apple is expected to recruit Osram Opto as another supplier of mini LEDs for use in a new "high-end"...

iPhone 12 May Launch Earlier Than Usual in South Korea

Monday September 28, 2020 5:24 am PDT by
The upcoming iPhone 12 lineup may launch earlier than usual in South Korea, reports The Korea Herald. South Korean telecoms firms speaking to The Korea Herald have said that the iPhone 12 lineup will launch ahead of its usual schedule. Normally, the release of new iPhones in South Korea comes about one month after launch in the United States. Last year, the iPhone 11 arrived in South Korea ...

iOS 14: 'Phoenix 2' Space Shooter Delivers Playable Demo via App Clips

Saturday September 26, 2020 2:08 pm PDT by
One of the new features that arrived in iOS 14 is called App Clips. App Clips is described by Apple to be a "small part of your app" that can be available to users at just the right moment.App Clips focus on finishing one task quickly. An ideal App Clip experience allows users to open and complete a task in seconds. Instead of requiring an App Store download, they can be loaded and run via...

Epic Games Unlikely to Win Injunction in Ongoing Fortnite Battle With Apple, Jury Trial Possible

Monday September 28, 2020 1:14 pm PDT by
The ongoing legal dispute between Apple and Epic Games continued on today, with a preliminary injunction hearing taking place this morning. We're still waiting to hear the judge's official ruling, but it looks like Epic is not going to be granted an injunction to allow Fortnite back into the App Store as the case unfolds. Many of the arguments that lawyers for Apple and Epic Games made were...

iPhone 12 Production Lines at Foxconn's Zhengzhou Factory in China Running '24 Hours a Day'

Tuesday September 29, 2020 3:38 am PDT by
Apple contract manufacturer Foxconn is running its massive Zhengzhou factory in China 24 hours a day to produce the new iPhone 12, according to Chinese media reports. Apple's main iPhone manufacturer in China is said to be cancelling workers' holidays and introducing mandatory overtime with additional bonuses for longer-serving staff, according to information garnered from employees,...

'iPhone 12 mini' Name Reappears in Leaked Apple iPhone 12 Case Stickers

Friday September 25, 2020 1:58 am PDT by
Earlier this week a proven leaker claimed that the iPhone 12 lineup would be named "iPhone 12 mini," "iPhone 12," "iPhone 12 Pro," and "iPhone 12 Pro Max," and today the same nomenclature has appeared again in a photo depicting alleged stickers from unreleased Silicone iPhone cases originating from Apple's international distribution center in Ireland. The photo shows three stickers with the...

Apple Releases iOS 14.0.1 With Fix for Bug That Resets Default Apps After Rebooting

Thursday September 24, 2020 10:12 am PDT by
Apple today released iOS 14.0.1, the first update to the iOS 14 operating system that was released on September 16. Today's update is a bug fix update addressing issues that weren't able to be fixed in the initial iOS 14 launch. The iOS 14.0.1 update is available on all eligible devices over-the-air in the Settings app. To access the new software, go to Settings > General > Software Update. ...