MP 7,1 SSD upgrade kits

DFP1989 · Jun 18, 2020

ZombiePhysicist said:
Once the modules get to 16TB will be of interest. The procedure for upgrading is insane. The T2 chip, I just hate that thing. It serves no purpose on a machine like the Mac Pro that houses no biometrics. It just complicates and causes compatibility issues. It's more of a dud than the butterfly keyboard, just too technical for most people to vomit on it like it deserves to be.

All this fuss with the built-in storage is part of the reason I left my config at 256GB and will be going for NVMe storage on a PCIe card. The idea that my data could be locked away on a proprietary, encrypted drive should my Mac Pro have some sort of issue just scares me. I'm not dealing with state secrets or anything, I don't need such extraordinary measures!

And needing another Mac just to "restore" a Mac Pro just seems wild. I bought and returned an iMac Pro, and the nightmare that was trying to wipe it and reinstall Catalina was insane.

goMac · Jun 18, 2020

DFP1989 said:
And needing another Mac just to "restore" a Mac Pro just seems wild. I bought and returned an iMac Pro, and the nightmare that was trying to wipe it and reinstall Catalina was insane.

To be clear: You don't need another Mac to restore a Mac Pro. You only need another Mac if you're pairing the Mac Pro with new SSD blades.

This is likely because T2 keeps it's OS on the SSD, and reinstall T2's OS is not part of any normal restore procedure. It's analogous to an older Mac Pro's firmware, except stored on disk.

Also why the Mac Pro won't boot without the SSD blades. That's where the "firmware" is stored, and a computer won't boot without firmware.

DFP1989 · Jun 18, 2020

goMac said:
To be clear: You don't need another Mac to restore a Mac Pro. You only need another Mac if you're pairing the Mac Pro with new SSD blades.

You're quite right, I got it mixed up in my head.

The song-and-dance to reload the iMac Pro was to enable booting from external drives, it took ages to get the key combination to work to get into the Mac OS X Recovery and enable boot from external drives. Sounds like it would be easier with a wired keyboard, which I currently don't have!

ZombiePhysicist · Jun 18, 2020

goMac said:
To be clear: You don't need another Mac to restore a Mac Pro. You only need another Mac if you're pairing the Mac Pro with new SSD blades.

This is likely because T2 keeps it's OS on the SSD, and reinstall T2's OS is not part of any normal restore procedure. It's analogous to an older Mac Pro's firmware, except stored on disk.

Also why the Mac Pro won't boot without the SSD blades. That's where the "firmware" is stored, and a computer won't boot without firmware.

its totally unnecessary. This could be done with a combo of rom and pram. They created a solution for a nonexistent problem.

tsialex · Jun 18, 2020

ZombiePhysicist said:
its totally unnecessary. This could be done with a combo of rom and pram. They created a solution for a nonexistent problem.

Wow, now you will talk about OpenFirmware? Macs evolved in the last 16 years. Last Mac that had a ROM was in the late 90s, PRAM was back in 2006.

The non existent problem is firmware implants like ThunderStrike and others much more refined. T2 makes it almost impossible to happen, since it's validated all the way and you have to attack a much more complex system.

You can disklike the way Apple implemented the firmware validation all the way, but talk that is a non-existent problem is just dumb.

ZombiePhysicist · Jun 19, 2020

tsialex said:
Wow, now you will talk about OpenFirmware? Macs evolved in the last 16 years. Last Mac that had a ROM was in the late 90s, PRAM was back in 2006.

The non existent problem is firmware implants like ThunderStrike and others much more refined. T2 makes it almost impossible to happen, since it's validated all the way and you have to attack a much more complex system.

You can disklike the way Apple implemented the firmware validation all the way, but talk that is a non-existent problem is just dumb.

From what I've seen, it's still vulnerable to thunderbolt attacks even with the T2 chip. Sure more complex, but we'll always have some vulnerability and there is a balance between making life miserable for the user and more difficult for hackers.

And thank you, I didn't realize that was how long ago that PRAM hasn't been around.

But my point is exactly that this implementation is lame. There are way better choices to make in implementation. Putting the 'effective' PRAM on a boot/system/data drive is a bad decision tying those together.

OkiRun · Jun 19, 2020

ZombiePhysicist said:
"...still vulnerable to thunderbolt attacks..."

Can you give an example of this?

ZombiePhysicist · Jun 19, 2020

OkiRun said:
Can you give an example of this?

New Thunderbolt security flaws affect systems shipped before 2019

Attackers that gain physical access to Windows, Linux, or macOS devices can access and steal data from their hard drives by exploiting 7 vulnerabilities found in Intel's Thunderbolt hardware interface.

www.bleepingcomputer.com

Black Hat Q&A: Cracking Apple's T2 Security Chip

Duo Labs’ Mikhail Davidow and Jeremy Erickson speak about their research on the Apple T2 security chip, and why they’re sharing it at Black Hat USA.

www.darkreading.com

tsialex · Jun 19, 2020

ZombiePhysicist said:
New Thunderbolt security flaws affect systems shipped before 2019

Attackers that gain physical access to Windows, Linux, or macOS devices can access and steal data from their hard drives by exploiting 7 vulnerabilities found in Intel's Thunderbolt hardware interface.

www.bleepingcomputer.com

Black Hat Q&A: Cracking Apple's T2 Security Chip

Duo Labs’ Mikhail Davidow and Jeremy Erickson speak about their research on the Apple T2 security chip, and why they’re sharing it at Black Hat USA.

www.darkreading.com

Apple removed kernel DMA exposure from Thunderbolt since Thunderstrike, even the article you linked talks about only pre-2011 Macs being vulnerable and only post 2019 PCs have the flaw mitigated.

Btw, T2 in this case removes the possibility of implants on the firmware since the firmware is validated, a resource that normal PCs don't have and only workstation/servers that have security processors similar of T2 have. Older Macs without T2 are not protected too. T2 is considered the most secure boot processor, even from the Black Hat article you linked…

You need to re-think your hate of T2.

davidec · Jun 19, 2020

Guys any advantages of the new kit over the owc blades? https://eshop.macsales.com/shop/ssd/owc-accelsior-4m2

ZombiePhysicist · Jun 20, 2020

tsialex said:
Apple removed kernel DMA exposure from Thunderbolt since Thunderstrike, even the article you linked talks about only pre-2011 Macs being vulnerable and only post 2019 PCs have the flaw mitigated.

Btw, T2 in this case removes the possibility of implants on the firmware since the firmware is validated, a resource that normal PCs don't have and only workstation/servers that have security processors similar of T2 have. Older Macs without T2 are not protected too. T2 is considered the most secure boot processor, even from the Black Hat article you linked…

You need to re-think your hate of T2.

Doesn't address the 2nd article:

Black Hat Q&A: Cracking Apple's T2 Security Chip

Duo Labs’ Mikhail Davidow and Jeremy Erickson speak about their research on the Apple T2 security chip, and why they’re sharing it at Black Hat USA.

www.darkreading.com

We can agree to disagree. I'm not doubting that the T2 increases security. But it can be done separate from a boot drive. And many other implementation decisions are burdensome to the user. For you, perhaps the balance of bane to security is a good one. To many others, it is not. Perhaps you should be more open minded to those that have problems with it.

If we polarize on this, nothing good will come from it. It's not a T2 is from gods tears, or it's the worst calamity to befall humanity. It has good and bad. Only by criticizing the bad will we get improvements to make it better. Lauding the good parts is important too.

We can agree to disagree, but I for one loathe the combination of storing the security settings and boot parameters on the same storage device that is the main boot drive. A boot device that is very likely to get worn out or need to be replaced and upgraded on a professional machine within normal life spans of that machine, and if removed renders the machine un-bootable by any other drive. As always, YMMV.
[automerge]1592653091[/automerge]

davidec said:
Guys any advantages of the new kit over the owc blades? https://eshop.macsales.com/shop/ssd/owc-accelsior-4m2

One advantage of the OWC blades is speed. I think in raid configuration its probably 2x the speed of the apple sticks.

Down side, if I recall correctly, is the boot partition must be a single stick. So if you have 4 2TB sticks (for 8tb total) the boot drive must be on a single 2TB stick and you can raid the other 6tB. Whereas the apple 8tb kit can be used as a single large space

The apple sticks are on the T2 so it can be encrypted by hardware on the fly.

goMac · Jun 20, 2020

ZombiePhysicist said:
The apple sticks are on the T2 so it can be encrypted by hardware on the fly.

The non-encryption capabilities that T2 provides (video transcoding, image processing, audio control, Hey Siri, etc etc) mean it needs to run an operating system of its own. In this case Apple chose iOS.

But you can't use a flashable chip to store iOS-as-firmware like on the 5,1. iOS needs it's own rewritable storage so that's not going to work. So iOS really needs it's own partition on the SSD.

But now you've got a new problem. If the machine firmware is exposed on disk, that means it could be rewritten by malware, and the machine could be hijacked. So now you need to encrypt the SSD so that the host OS can't rewrite the firmware files on disk.

The encryption is really a consequence of T2, not the starting point.

davidec · Jun 20, 2020

ZombiePhysicist said:
Down side, if I recall correctly, is the boot partition must be a single stick. So if you have 4 2TB sticks (for 8tb total) the boot drive must be on a single 2TB stick and you can raid the other 6tB. Whereas the apple 8tb kit can be used as a single large space

Wait so are you saying that being the https://eshop.macsales.com/shop/ssd/owc-accelsior-4m2 Would appear as four seperate drives in disk utility ? So if you have one 7TB file (as a bad example) you couldn't copy it across to one drive?

ZombiePhysicist · Jun 20, 2020

davidec said:
Wait so are you saying that being the https://eshop.macsales.com/shop/ssd/owc-accelsior-4m2 Would appear as four seperate drives in disk utility ? So if you have one 7TB file (as a bad example) you couldn't copy it across to one drive?

that is my understanding If you want it to also be your boot drive. If you have another drive be your boot drive you could then raid the entire 4 sticks into a singlevolume.

Search

Search

MP 7,1 SSD upgrade kits

DFP1989

macrumors 6502

goMac

macrumors 604

DFP1989

macrumors 6502

ZombiePhysicist

Suspended

tsialex

Contributor

ZombiePhysicist

Suspended

OkiRun

macrumors 65816

ZombiePhysicist

Suspended

New Thunderbolt security flaws affect systems shipped before 2019

Black Hat Q&A: Cracking Apple's T2 Security Chip

tsialex

Contributor

New Thunderbolt security flaws affect systems shipped before 2019

Black Hat Q&A: Cracking Apple's T2 Security Chip

davidec

macrumors 6502

ZombiePhysicist

Suspended

Black Hat Q&A: Cracking Apple's T2 Security Chip

goMac

macrumors 604

davidec

macrumors 6502

ZombiePhysicist

Suspended

Our Staff