Mac users who upgrade to macOS High Sierra will benefit from a significant new security feature that works in the background.

macos high sierra
macOS High Sierra automatically checks a Mac's EFI firmware against Apple's database of "known good" data to ensure it hasn't been tampered with, according to a series of tweets from an Apple engineer.

The tweets have since been deleted, but a summary remains available on the Mac blog The Eclectic Light Company.

The new utility eficheck, located in /usr/libexec/firmwarecheckers/eficheck, runs automatically once a week. It checks that Mac's firmware against Apple's database of what is known to be good. If it passes, you will see nothing of this, but if there are discrepancies, you will be invited to send a report to Apple.

If the check fails, a prompt will appear with options to "Send to Apple" or "Don't Send." The selection is remembered in subsequent weeks.

eficheck
The "eficheck" tool sends the binary data from the EFI firmware, and preserves user privacy by excluding data which is stored in NVRAM, according to The Eclectic Light Company. Apple will then be able to analyze the data to determine whether it has been altered by malware or anything else.

The database's library will be automatically and silently updated so long as security updates are turned on.

EFI, which stands for Extensible Firmware Interface, bridges a Mac's hardware, firmware, and operating system together to enable it to go from power-on to booting macOS.

macOS High Sierra will be publicly released on the Mac App Store later today.

Tags: Security, EFI
Related Forum: macOS High Sierra

Top Rated Comments

jsalda Avatar
78 months ago
Huh, I wonder what this will mean for Hackintosh?
Score: 14 Votes (Like | Disagree)
gpat Avatar
78 months ago
Huh, I wonder what this will mean for Hackintosh?
Probably nothing at all.
Will just make actual Macs more secure.
Score: 9 Votes (Like | Disagree)
craig1410 Avatar
78 months ago
This is great news as it should help to guard against any sort of tampering which might result through a bad actor having temporary physical access to a machine such as at a border security point.

I honestly don't believe that Hackintoshes are being targeted here but if increasing legitimate Mac security results in Hackintoshes having a few bumps in the road then so be it IMO.
Score: 7 Votes (Like | Disagree)
Onexy Avatar
78 months ago
Spoken like a government. This is probably not to fight malware but to fight hackintoshs.
Score: 6 Votes (Like | Disagree)
Cougarcat Avatar
78 months ago
This sounds like a way to get rid of Hackintoshes.
Huh, I wonder what this will mean for Hackintosh?
This doesn’t affect hackintoshes. HS is working on them just fine. (The Apple employee who posted the original tweets even said don’t send in your data if you’re on a hack, because it’s useless to them.)
Score: 6 Votes (Like | Disagree)
jblagden Avatar
78 months ago
('https://www.macrumors.com/2017/09/25/macos-high-sierra-weekly-efi-security-check/')


Mac users who upgrade to macOS High Sierra will benefit from a significant new security feature that works in the background.



macOS High Sierra automatically checks a Mac's EFI firmware against Apple's database of "known good" data to ensure it hasn't been tampered with, according to a series of tweets from an Apple engineer.

The tweets have since been deleted, but a summary remains available on the Mac blog The Eclectic Light Company ('https://eclecticlight.co/2017/09/24/high-sierra-automatically-checks-efi-firmware-each-week/').If the check fails, a prompt will appear with options to "Send to Apple" or "Don't Send." The selection is remembered in subsequent weeks.



The "eficheck" tool sends the binary data from the EFI firmware, and preserves user privacy by excluding data which is stored in NVRAM, according to The Eclectic Light Company. Apple will then be able to analyze the data to determine whether it has been altered by malware or anything else.

The database's library will be automatically and silently updated so long as security updates are turned on.

macOS High Sierra will be publicly released on the Mac App Store later today.

Article Link: macOS High Sierra Automatically Performs Security Check on EFI Firmware Each Week ('https://www.macrumors.com/2017/09/25/macos-high-sierra-weekly-efi-security-check/')
This sounds like a way to get rid of Hackintoshes.
Score: 6 Votes (Like | Disagree)

Popular Stories

iPhone 16 Mock Header With Dynamic Island

Skipping the iPhone 15 Pro? Here's What's Rumored for iPhone 16 Pro

Friday September 22, 2023 9:29 am PDT by
Are you skipping the iPhone 15 Pro and waiting another year to upgrade? If so, we already have some iPhone 16 Pro rumors for you. Below, we recap new features rumored for the iPhone 16 Pro models so far:Larger displays: The iPhone 16 Pro and iPhone 16 Pro Max will be equipped with larger 6.3-inch and 6.9-inch displays, respectively, according to Ross Young, CEO of Display Supply Chain...
Update Your iPhone 15 to iOS 17

Warning: Update Your iPhone 15 to iOS 17.0.2 Before Transferring Data From Another iPhone

Friday September 22, 2023 6:36 am PDT by
If you are unboxing an iPhone 15, iPhone 15 Plus, iPhone 15 Pro, or iPhone 15 Pro Max today, make sure to update the device to iOS 17.0.2 before transferring data to the device from another iPhone, or else you might encounter issues. iOS 17.0.2 is only available for the iPhone 15 lineup. Apple says the update fixes an issue that may prevent transferring data directly from another iPhone...
iOS 17

Apple Releases iOS 17.0.1 and iPadOS 17.0.1 With Bug Fixes, Plus iOS 17.0.2 for iPhone 15 Models

Thursday September 21, 2023 10:28 am PDT by
Apple today released iOS 17.0.1 and iPadOS 17.0.1 updates for the iPhone and the iPad, adding bug fixes to the new software. The iOS 17.0.1 and iPadOS 17.0.1 updates come just a few days after Apple launched iOS 17 and iPadOS 17. The software, which is build 21A340, can be downloaded on eligible iPhones and iPads over-the-air by going to Settings > General > Software Update. There is a...
Apple Watch Ultra 2 double tap gesture 230912

watchOS 10.1 to Enable Apple Watch's New 'Double Tap' Gesture

Thursday September 21, 2023 12:52 pm PDT by
The new Double Tap gesture for the Apple Watch Series 9 and the Apple Watch Ultra 2 will be enabled starting with watchOS 10.1, according to Marques Brownlee, host of the popular tech-focused YouTube channel MKBHD. The first beta of watchOS 10.1 will likely be available by next week, and Apple announced that the software update will be released next month. Brownlee shared his impressions...