top | item 27875804

(no title)

This has already been a thing for Macs as well for many, many years. If you boot into recovery mode, there is a menu option to add a Firmware Password. You cannot access recovery mode or enter the boot selection menu without providing that password, which means a thief cannot reinstall any operating system or boot from a Linux thumb drive.

When you add a Firmware Password to a Mac, you get a long recovery code as a fallback safety in case you lose/forget the password. Apple, if provided with proof of purchase for the serial number being inquired about, can create a bootable USB stick with a certificate generated using public/private key crypto for which Apple holds the private keys.

I suspect much of this newer functionality acts as a replacement for the Firmware Password, giving more options and making it a bit more well-known.

discuss

No comments yet.