Comment by GeekyBear
1 day ago
The firmware blobs (and the system files) for MacOS live on a read only partition that is digitally signed.
1 day ago
The firmware blobs (and the system files) for MacOS live on a read only partition that is digitally signed.
Then how was the Asahi team able to load their own firmware? I was concerned about that process--whatever it is--being something apple might lock down. If it's already likely locked down to Apple's satisfaction, that's good news.
Macs allow the machine owner to install (and boot) a completely unsigned OS on a different partition without having it affect security when you do boot MacOS.
The Mac partitions are encrypted by default and the system partition is signed and read only.