Apple will make USB-C accessories ask for your permission to pass data
Source: https://www.theverge.com/2022/6/6/23157271/apple-macbook-m1-m2-usb-thunderbolt-ports-closed-user-approval

Are you the kind of person who’d hesitate to charge gadgets from a public charger — like the ones coming to the seat of your plane? Apple’s first beta of the just-announced macOS 13 Ventura includes a feature seemingly designed to address tampering fears. It’ll make USB-C and Thunderbolt accessories explicitly ask for your permission before they can communicate with MacBooks powered by Apple’s M1 or M2 chips.

Here’s the full description of the feature from Apple’s release notes:

On portable Mac computers with Apple silicon, new USB and Thunderbolt accessories require user approval before the accessory can communicate with macOS for connections wired directly to the USB-C port. This doesn’t apply to power adapters, standalone displays, or connections to an approved hub. Devices can still charge if you choose Don’t Allow.

You can change the security configuration in System Settings > Security and Privacy > Security. The initial configuration is Ask for new accessories. Configuring an accessibility Switch Control sets the policy to always allow accessory use. Approved devices can connect to a locked Mac for up to three days.

Accessories attached during software update from prior versions of macOS are allowed automatically. New accessories attached prior to rebooting the Mac might enumerate and function, but won’t be remembered until connected to an unlocked Mac and explicitly approved.

I’ve read through a few times now, and I’m not seeing a obvious downside. Your MacBooks will still charge just fine, they’ll still connect to external displays, and you can turn the whole thing off if you don’t want to get bugged. Apple isn’t trying to create a new certification here — you’re the one in control. It sounds like it’s just an extra protection from potentially nefarious or non-compliant USB gadgets, both of which are real things and at least one of which has damaged MacBooks in the recent past.

Perhaps it’ll be a more realistic solution than the one the USB Implementers’ Forum launched in 2019 (pdf), which required companies adopt an “USB Type-C Authentication Program” that gave each USB device an encrypted certificate to verify its identity and confirm its capabilities.

Apple’s solution might not necessarily stop “USB Killer” gadgets, however, which attempt to fry computers by overloading their USB ports with too much electricity. “Inappropriate power” was one of the issues that the USB-IF’s idea was trying to combat.

Speaking of USB-C power, it’s officially set for a big boost soon: the first 240W USB-C PD cables recently broke cover, and we’re eagerly awaiting the chargers, laptops and external batteries that might go with them.



Source: https://www.theverge.com/2022/6/6/23157271/apple-macbook-m1-m2-usb-thunderbolt-ports-closed-user-approval

Leave a Reply

Your email address will not be published. Required fields are marked *