PrivSec-dev/privsec.dev
1
0
Fork 0
mirror of https://github.com/PrivSec-dev/privsec.dev synced 2024-12-22 12:51:34 -05:00
Code

change verified boot to secure boot

Browse Source
This commit is contained in:
fria 2024-11-27 18:42:31 -06:00 committed by GitHub
parent d6c6360159
commit ace0e4dbd1
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
content/posts/macos/macOS Security Overview/index.md
View File

@ -109,7 +109,7 @@ XProtect uses YARA signatures and is updated frequently, independent of OS updat
Apple also issues revocations for notarization tickets, which are detected with OCSP checks over HTTPS. While OCSP checks may reveal to Apple which type of apps a user on an IP address is using, it is not recommended that you disable this check as it will break a very important security feature. Instead, you are better off using a commercial VPN to blend in with other Mac users. Apple also issues revocations for notarization tickets, which are detected with OCSP checks over HTTPS. While OCSP checks may reveal to Apple which type of apps a user on an IP address is using, it is not recommended that you disable this check as it will break a very important security feature. Instead, you are better off using a commercial VPN to blend in with other Mac users.
## Verified Boot ## Secure Boot
Mac computers ensure that only Apple-signed code runs from the lowest levels of the firmware to macOS itself (assuming Full Security is enabled). It accomplishes this with a [chain of trust](https://support.apple.com/guide/security/boot-process-secac71d5623/web) that starts with the Boot ROM burned into the Secure Enclave at the factory as the first step. Mac computers ensure that only Apple-signed code runs from the lowest levels of the firmware to macOS itself (assuming Full Security is enabled). It accomplishes this with a [chain of trust](https://support.apple.com/guide/security/boot-process-secac71d5623/web) that starts with the Boot ROM burned into the Secure Enclave at the factory as the first step.