iMac Pro Features Apple's Custom T2 Chip With Secure Boot Capabilities

Apple today confirmed the iMac Pro is equipped with its custom T2 chip for enhanced security and integration. The chip is second-generation silicon, building upon the T1 chip in the latest MacBook Pro with the Touch Bar that authenticates and secures Touch ID and Apple Pay respectively.

The T2 chip integrates several previously separate components, including the system management controller, image signal processor, audio controller, and SSD controller, for expanded capabilities on the iMac Pro.

For instance, Apple says the T2 chip's image signal processor works with the FaceTime HD camera to enable enhanced tone mapping, improved exposure control, and face detection-based auto exposure and auto white balance.

The T2 chip also has a Secure Enclave coprocessor that makes the iMac Pro even more secure with new encrypted storage and secure boot capabilities.

The data on your SSD is encrypted using dedicated AES hardware with no effect on the SSD's performance, while keeping the Intel Xeon processor free for your compute tasks. And secure boot ensures that the lowest levels of software aren't tampered with and that only operating system software trusted by Apple loads at startup.

Cabel Sasser, co-founder of software company Panic, recently shared a few screenshots of the Startup Security Utility powered by the T2 chip.

⑤ Security. This new chip means storage encryption keys pass from the secure enclave to the hardware encryption engine in-chip — your key never leaves the chip. And, they it allows for hardware verification of OS, kernel, boot loader, firmware, etc. (This can be disabled…) pic.twitter.com/qKJ6bHdtr8 — Cabel Sasser (@cabel) December 12, 2017

The settings reveal that users can enable a firmware password to prevent the iMac Pro from starting up from a different hard disk, CD, or DVD without the password. There are also three secure boot options and options to allow or disallow booting from external media devices such as USB and Thunderbolt drives.

"Full security" ensures that only the latest and most secure software can be run. Apple says this mode requires a network connection at the time of software installation. "Medium security" requires verifiable software to boot, but not the latest software, and "no security" lets the operating system boot freely.

iMac Pro became available to order today with 8- to 18-core configurations ranging in price from $4,999 to $13,199 in the United States. 14-core and 18-core models don't ship for an estimated 6-8 weeks.