![](\"https:\/\/images.idgesg.net\/images\/idge\/imported\/imageapi\/2022\/06\/07\/12\/can-my-mac-run-macos-ventura-100928772-large.3x2.jpg?auto=webp&quality=85,70\"\/)
<\/p>\n
Credit to Author: Jonny Evans| Date: Mon, 15 Aug 2022 06:35:00 -0700<\/strong><\/p>\n Once upon a time, one attack vector for industrial sabotage consisted of exfiltrating data\u00a0from Macs<\/a>\u00a0using a standard-issue USB storage card. Researchers have also shown that it\u2019s possible to hijack computers with malware-infested cables<\/a>. It\u2019s a jungle out there, so Apple has toughened up (Apple Silicon) Mac protection with USB Restricted Mode.<\/p>\n Beginning with macOS Ventura<\/a>, the new layer of protection comes in the form of USB Restricted mode, which should provide a little reassurance to enterprise IT and is enabled by default.<\/p>\n An Apple developer note explains this protection<\/a>: \u201cOn portable Mac computers with Apple silicon, new USB and Thunderbolt accessories require user approval before the accessory can communicate with macOS for connections wired directly to the USB-C port.\u201d<\/p>\n If this sounds familiar, it is. It already exists on iPads and iPhones. It’s worth noting that support for mass storage devices on both those platforms always lagged the Mac, and it\u2019s only since iOS 13 that you have been able to use external storage with those.<\/p>\n On the Mac, things have kind of worked in the other direction. Macs have always supported external storage media, but Apple has now made this more secure \u2014 though Apple Silicon systems.<\/p>\n The idea is that when a new USB or Thunderbolt device is connected to the Mac, the user will be asked to approve the connection. If a Mac is locked the end user must unlock it before the computer will recognize the accessory. This uses the new-to-the-Mac allowUSBRestrictedMode restriction. The protection is initiated when your Mac has been left locked for an hour or so.<\/p>\n Apple says it doesn\u2019t apply to power adapters, displays, or connections to an approved hub, and devices will still charge even if you choose Do Not Allow for use of a connected accessory. The idea is that energy flows, but data does not.<\/p>\n Why do you want it?\u00a0The security environment continues to deteriorate, and the idea here is that this protection provides one more wall to protect Mac users and their data. It also puts a stop to systems such as GrayKey to crack hardware security to get to the data.<\/p>\n In practice, most people won\u2019t encounter a problem. They will attach a USB device, approve it, and won\u2019t need to think about it much beyond that. (They may need to approve the use intermittently, but that\u2019s it.)<\/p>\n Apple\u2019s tech notes for the iPad\/iPhone implementation<\/a> of the feature explain:<\/p>\n \u201cIf you don’t first unlock your password-protected iOS device – or you haven’t unlocked and connected it to a USB accessory within the past hour – your iOS device won’t communicate with the accessory or computer, and in some cases, it might not charge. You might also see an alert asking you to unlock your device to use accessories.”<\/p>\n The new protection works well alongside the also-soon-to-debut Automated Device Enrollment feature, which forces anyone attempting to setup an enrolled Mac to engage with the enrollment process. This makes it much harder for unauthorized people to open a Mac in an attempt to get to data that is not theirs to grab.<\/p>\n What about updates? Apple explains that accessories attached during software update from prior versions of macOS are allowed automatically. New accessories attached prior to rebooting the Mac might work, but won\u2019t be remembered until connected to an unlocked Mac and explicitly approved.<\/p>\n This is just the latest security enhancement Apple has now managed to put in place across its platforms.<\/p>\n Please follow me on\u00a0Twitter<\/a>, or join me in the\u00a0AppleHolic\u2019s bar & grill<\/a>\u00a0and\u00a0Apple Discussions<\/a>\u00a0groups on MeWe.<\/em><\/p>\n http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":" Credit to Author: Jonny Evans| Date: Mon, 15 Aug 2022 06:35:00 -0700<\/strong><\/p>\n Once upon a time, one attack vector for industrial sabotage consisted of exfiltrating data\u00a0from Macs<\/a>\u00a0using a standard-issue USB storage card. Researchers have also shown that it\u2019s possible to hijack computers with malware-infested cables<\/a>. It\u2019s a jungle out there, so Apple has toughened up (Apple Silicon) Mac protection with USB Restricted Mode.<\/p>\n<\/p>\nWhat is USB Restricted Mode?<\/strong><\/h2>\n