Apple T2 Security Chip removes Linux support from some newer Macs [Update]

At the end of October, Apple unveiled new hardware for a selection of its products including the Mac Mini. A new component included in the product is the Apple T2 Security Chip that features a Secure Enclave coprocessor and “provides the foundation for APFS encrypted storage, secure boot, and Touch ID on Mac.” One caveat, however, is that Linux support is now nonexistent.

Explaining why Linux won’t run on the new Mac Mini and other Apple T2-enabled devices, the documentation reads:

By default, Mac computers supporting secure boot only trust content signed by Apple. However, in order to improve the security of Boot Camp installations, support for secure booting Windows is also provided. The UEFI firmware includes a copy of the Microsoft Windows Production CA 2011 certificate used to authenticate Microsoft bootloaders.

NOTE: There is currently no trust provided for the the Microsoft Corporation UEFI CA 2011, which would allow verification of code signed by Microsoft partners. This UEFI CA is commonly used to verify the authenticity of bootloaders for other operating systems such as Linux variants.

So, while Microsoft’s Windows operating system can be installed to these systems thanks to the Microsoft Windows Production CA 2011 certificates, those looking to install Linux distributions such as Linux Mint or Ubuntu will be left out in the cold until Apple decides to rectify the situation or somebody manages to bypass the T2 chip.

If you were thinking about buying the new Mac Mini to install Linux on then it’s probably better to look elsewhere at least until Apple sorts out the situation. Some good alternatives to the Mac Mini include the MintBox Mini 2 and the MintBox Mini 2 Pro, as well as the newly announced System76 Thelio, which is being touted as “open hardware” designed and manufactured in the United States.

Update: A reader has pointed out that it's possible to disable Secure Boot on T2-equipped devices making it possible to boot and install Linux distributions. To run Linux you must first access the Startup Security Utility and choose the 'No Security' option, here are the instructions on how to access to the utility:

  1. Turn on your Mac, then press and hold Command (⌘)-R immediately after you see the Apple logo to start up from macOS Recovery.
  2. When you see the macOS Utilities window, choose Utilities > Startup Security Utility from the menu bar.
  3. When you're asked to authenticate, click Enter macOS Password, then choose an administrator account and enter its password.

Source: Apple via: Phoronix

Report a problem with article
1517939641_pwa2
Next Article

How To Design and Develop a Progressive Web App - free White Paper

1541431338_samsung_new_logo
Previous Article

Samsung changes its profile pictures on social networks, hints at a foldable smartphone

22 Comments - Add comment

Advertisement