Comment by yaseeng
8 hours ago
For context: I submitted this to Apple in September 2025 and waited 6 months before publishing. Apple closed both reports citing FileVault as a mitigation, which is technically accurate but FileVault is opt-in and many people disable it during setup without understanding what it does (myself included when I got my MacBook in 2020). My personal view is that the behavior significantly reduces the effort required to persist data on an unencrypted system compared to, for example, side-loading Linux. Regardless, Tahoe 26.3 (It might have been patched before, I didn't check) appears to have silently patched both issues.
> which is technically accurate but FileVault is opt-in
It's been on by default since around circa 2013.
Also, FileVault is on top of the encryption provided by the Secure Enclave.
> many people disable it during setup without understanding what it does
Citation required. Most people don't disable things on their computer when they "don't understand what it does."
> myself included when I got my MacBook in 2020
That's an anecdote, not evidence of a trend in a population.
> Tahoe 26.3 (It might have been patched before, I didn't check) appears to have silently patched both issues.
Gotta love a clickbait title designed to make people panic... about a minor fixed two months ago
> It's been on by default since around circa 2013
Wrong. It's not on by default.
https://apple.stackexchange.com/questions/324805/do-apple-la...