A few days ago we learned that the iMac Pro can only be restored by another Mac if it enters DFU mode. Thanks to the chip T2 of the iMac Pro, the security of the computer rises to levels not seen before on a Mac. In fact, a new utility available exclusively in the iMac Pro, prevents the execution of unverified operating systems. All these security measures are part of a new utility in macOS: Startup Security Utility.
The security measures of the iMac Pro
Startup Security Utility is the software of the iMac Pro, in charge of only operating the computer with a verified boot disk with permissions, as well as protecting the firmware of the system and preventing access to it from other systems. It is a bit abstract, but to understand it better, Startup Security Utility is divided into three parts:
- Firmware password: This security measure is certain that we also find it in the rest of Mac computers. It allows us to encrypt Mac to prevent it from booting from an internal or external storage device different from the specified boot disk. It is an extra security measure that prevents the restoration of the computer for example.
- Secure Boot: Unique feature of the iMac Pro, through this the iMac Pro will only run a legitimate operating system if requested. That is, if we choose full security, it will execute only a macOS signed by Apple or a version of Windows signed by Microsoft and approved by Apple. If we choose medium security, itwill also execute only signed versions, but regardless of when they were signed, in the full model they must be versions that currently have support. If on the contrary we choose no security, any operating system can be executed.
- External Boot: The functionality that basically allows or prevents an external boot disk from being used in the iMac Pro. If this option is not possible, it will be possible to run an operating system that is not internal to the computer. For example, a bootable USB can not be used for the installation of macOS.
Advantages and disadvantages of these security measures? As always, it depends on the needs of each user and the level of protection required for their equipment. At no time are you forced to activate these extra protections and your iMac Pro can work like a normal Mac. But it is true that thanks to the T2 chip you have the possibility to improve the security of the iMac Pro in an incredible way. Virtually no option to access the equipment if it has been stolen or is in any situation like that.