Examined: The new MacBook Pro Touch Bar and Apple's T1 authentication chip

Posted:
in General Discussion edited October 2016
While Apple won't detail the T1 to any significant depth to avoid exploits, some details on how the Touch Bar works in conjunction with the new T1 chip have surfaced -- including what happens if the Touch Bar needs to be replaced. AppleInsider explains.




Apple introduced the new MacBook Pro with Touch Bar on Thursday, and as part of the assembly, it contains a sapphire Touch ID sensor on the right-hand side above the delete key. Touch ID as Apple has implemented it on the iPhone wouldn't be possible without some sort of dedicated, secure chipset.

The company has also included what it has dubbed the T1 chipset. The new chipset, debuting on the MacBook Pro, implements Apple's secure enclave, independent of macOS and the Intel processor contained within.

Resolution details of the Touch Bar

The Touch Bar is essentially a USB 2180x80 display, mounted for optimal viewing at a 45 degree angle. Apple reserves 128 pixels on the left as the "system button," and 608 pixels on the right for the "control strip," including Touch ID prompts -- but not the sensor itself, which sits to the right of the Touch Bar.

The remaining 1370 pixels in the approximate center of the bar are the application region for general usage.

Where does the T1 come from?

Developer Steven Troughton-Smith claimed that the T1 is similar to the system-on-a-chip used in the Apple Watch, telling The Verge that the chip is a "variant" of the S1 in the Apple Watch. However, sources within Apple that AppleInsider has spoken with call the remark an over-generalization of the technology.

"Sure, there's some commonalities between it and the Watch, given that they're both ARM, with some shared engineers and design philosophies," we were told. "But, to call it an Apple Watch [SoC] variant isn't accurate at all."

"There has always been a common core between OS X, and iOS, and by extension, the Apple Watch -- just like Steve [Jobs] said way back in the day," our Apple source added. "Just because the same routines are used, and some of the same API calls doesn't mean that the chip is the same, not at all."

Some other claims by Troughton-Smith were confirmed as being generally correct, however.

"The Touch Bar theoretically could run while the rest of the machine is turned off," said Troughton-Smith. "So you get all the low-power and security benefits of an iOS device, without having to switch to ARM completely on the desktop."

Parts of the Touch Bar already run independently of macOS, as the bar is used to turn on the computer and authenticate a user.

Troughton-Smith's remarks are further borne out by alleged remarks from Apple Senior Vice President of Software Craig Federighi made in an email to a customer. When asked if the Touch Bar turned into a regular function bar in Boot Camp, Federighi allegedly confirmed the behavior.

If the statement actually came from the executive, it proves that the bar is independent of macOS Sierra itself.

Fixing the Touch Bar at the Genius Bar

As a user-facing component, the Touch Bar and integrated Touch ID sensor will see a lot of wear. According to data gleaned by AppleInsider, around five percent of all service calls for macOS and iOS devices at Apple retail stores are about physically broken screens, with another two percent being broken macOS input devices like keyboards or trackpads.

According to our sources inside Apple, the company is expecting numbers for the Touch Bar similar to those it sees for broken input devices.




AppleInsider has learned there is no association procedure between a service stock generic Touch Bar and the T1 inside the MacBook Pro. As a result, at least for now, if the Touch Bar needs replacing for any reason, so does the T1.

Troughton-Smith believes that the front-facing camera in the new MacBook Pro is governed by the secure enclave in the T1, so it is possible that a failure of any of the related components would necessitate a three-part swap. Our source specifically said that they "would neither confirm nor deny" that statement.

The 2016 MacBook Pro family, announced Thursday, is a major redesign to Apple's flagship notebook, and comes in screen sizes of 13 and 15 inches, with core models starting at $1,799. Shipping will start for the Touch Bar-equipped machines in ?to three weeks, but four to five-week delays in receipt have already been reported.

AppleInsider was at the event, and was able to spend some time with all the latest hardware.


Comments

  • Reply 1 of 20
    wizard69 Posts: 13,377 member
    Interesting but it will be 5 years before I own a machine so equipped as I just bought a new MBP in 2015!! Kind of an interesting development for user input though.
  • Reply 2 of 20
    xixo Posts: 449 member
    I'd prefer a tablet touchscreen mac with detachable keyboard...
  • Reply 3 of 20
    rezwits Posts: 879 member
    wizard69 said:
    Interesting but it will be 5 years before I own a machine so equipped as I just bought a new MBP in 2015!! Kind of an interesting development for user input though.
    2-3 years, for me and I just bought a 2015/15, 2 months ago... and I am extremely happy with that purchase.

    I got this:

    air 2015/11 + rMBP 2015/15 at $3,000 (no dGPU, no dongles, + discounts + shell)

    or would have been...

    MB 2016/12 + rMBP 2016/15 at $4000 ( + dGPU, + Touch Bar, no discounts + shell + 4 Mo. WAIT!)

    So yeah, saved a $1,000, and got the last round of the "Perfected Ports"
    edited October 2016
  • Reply 4 of 20
    I look forward to seeing this in person. It's not a bad idea, really.
  • Reply 5 of 20
    Soli Posts: 10,035 member
    1) I thought the T1 might be based on the S1. That could mean that there are technically two versions of the OS X/Darwin family on every new Mac with a Touch Bar.

    2) I think this makes it clear that the Touch Bar's display, communication, Touch ID, and Apple Pay are all within this single chip. I still wonder how this will play out for a separate, wireless display for future desktop Macs and how this will work with Boot Camp or a VM with Windows.
  • Reply 6 of 20
    Soli Posts: 10,035 member
    I understand why the right side of the Touch Bar doesn’t have a display (it’s where Touch ID resides), but why not the left side? Apple likes to balance things, but I think it looks wonky to have the Esc key not lined up with the Tilde/Backtick key.
  • Reply 7 of 20
    Wonder if they'll package up all that goodness into an external keyboard for use in Mac Pros, Mac minis and iMacs (future or existing?). Would they be limited to a wired keyboard or could it be wireless too?? Would love to see this tech implemented more widely across their non-laptop lines, seems like it would be great functionality for other machines too, right?
  • Reply 8 of 20
    hattig Posts: 860 member
    It appears that this T1 chip communicates with the rest of the system via USB. It is trivial therefore to see that it can be included on an external USB keyboard as shipped with new iMacs and Mac Pros. But how that would work on multiple computers is interesting, although probably not an issue. The T1 SoC is said to be also used as a part of the S2 SiP package - the part with the CPU, GPU and secure enclave. Now that means you've got a dual-core (likely Apple custom) ARM SoC just controlling a fancy bit of the keyboard and the fancy power button!
  • Reply 9 of 20
    anome Posts: 1,533 member
    Wonder if they'll package up all that goodness into an external keyboard for use in Mac Pros, Mac minis and iMacs (future or existing?). Would they be limited to a wired keyboard or could it be wireless too?? Would love to see this tech implemented more widely across their non-laptop lines, seems like it would be great functionality for other machines too, right?
    I've been thinking about a wireless keyboard with the Touchbar, and it seems to be difficult, although not impossible as such.

    There's a problem with authentication. The T1 does all the authentication of the TouchID sensor, and then sends a signal saying "This is OK". So no actual secure information would be sent over Bluetooth, but the OK signal would be vulnerable to spoofing. The simplest way to get round that, would be to go back to a wired keyboard. Assuming Apple doesn't want to do that, and I suspect they don't, the only way, as far as I can tell, would be implementing a token system, much the same as you might use for 2-Factor Authentication.

    Actually, I think I just convinced myself it's a lot easier than I initially thought. It would just be another layer of tokenisation, which actually should be relatively easy to implement, assuming it doesn't already do that.
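One way to build the token layer this reply describes, as an added example that is not part of the original post and not Apple's protocol. The `Keyboard` and `Host` classes, the pre-shared `PAIRING_KEY` and the message formats are all assumptions made for illustration; the code contrasts a fixed "OK" message with a response tied to a fresh challenge from the host.

```python
import hashlib
import hmac
import secrets

# Constructed pairing secret, assumed to be provisioned once between the
# keyboard's secure chip and the host (hypothetical; not Apple's scheme).
PAIRING_KEY = secrets.token_bytes(32)


def _mac(key, challenge):
    # The response covers the host's challenge, so it is valid for one prompt only.
    return hmac.new(key, b"touchid-ok|" + challenge, hashlib.sha256).digest()


class Keyboard:
    """Hypothetical wireless keyboard whose secure chip has matched a fingerprint."""

    def __init__(self, key):
        self._key = key

    def static_ok(self):
        return b"TOUCHID-OK"                 # naive design: identical every time

    def signed_ok(self, challenge):
        return _mac(self._key, challenge)    # token design: bound to this challenge


class Host:
    def __init__(self, key):
        self._key = key
        self._pending = None

    def new_challenge(self):
        self._pending = secrets.token_bytes(16)
        return self._pending

    def accept_static(self, message):
        return message == b"TOUCHID-OK"

    def accept_signed(self, response):
        if self._pending is None:            # no outstanding prompt: reject
            return False
        challenge, self._pending = self._pending, None   # each challenge is single use
        return hmac.compare_digest(_mac(self._key, challenge), response)


def demo():
    kb, host = Keyboard(PAIRING_KEY), Host(PAIRING_KEY)
    old_static = kb.static_ok()                       # message from an earlier login
    old_signed = kb.signed_ok(host.new_challenge())   # response from an earlier login
    first_use = host.accept_signed(old_signed)
    host.new_challenge()                              # a later, unrelated prompt
    return {
        "static_reused": host.accept_static(old_static),
        "signed_first_use": first_use,
        "signed_reused": host.accept_signed(old_signed),
    }
```

Calling `demo()` shows the fixed message being accepted again on a later prompt, while the challenge-bound response is accepted once and then rejected.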
  • Reply 10 of 20
    anome said:
    Wonder if they'll package up all that goodness into an external keyboard for use in Mac Pros, Mac minis and iMacs (future or existing?). Would they be limited to a wired keyboard or could it be wireless too?? Would love to see this tech implemented more widely across their non-laptop lines, seems like it would be great functionality for other machines too, right?
    I've been thinking about a wireless keyboard with the Touchbar, and it seems to be difficult, although not impossible as such.

    There's a problem with authentication. The T1 does all the authentication of the TouchID sensor, and then sends a signal saying "This is OK". So no actual secure information would be sent over Bluetooth, but the OK signal would be vulnerable to spoofing. The simplest way to get round that, would be to go back to a wired keyboard. Assuming Apple doesn't want to do that, and I suspect they don't, the only way, as far as I can tell, would be implementing a token system, much the same as you might use for 2-Factor Authentication.

    Actually, I think I just convinced myself it's a lot easier than I initially thought. It would just be another layer of tokenisation, which actually should be relatively easy to implement, assuming it doesn't already do that.
    Apple does seem to favour their wireless keyboards over the wired, but in this case I also wonder what the battery life might be with wireless given all this additional tech. It may be so reduced that wired (in addition to any security issues it might solve) would be the way to go with this one? I'm happy with that (I personally prefer their wired keyboard for the extended keys they support).

    I can't imagine they won't roll this functionality into other machines, I just wonder how far back they'll go with support. Anyone know of any issues that would preclude their selling the functionality in keyboards that could be paired with older machines?
  • Reply 11 of 20
    The user and all related content has been deleted.
    edited October 2016
  • Reply 12 of 20
    Soli Posts: 10,035 member
    dklebedev said:
    Suddenly it's better to move your attention away from the screen where everything is happening and fidget atop of the keyboard.

    Touch Bar = crippled trackpad + crippled screen. What does this achieve?

    I reconciled with parallax, blur and unnecessary animations. Went past that 42mm touchscreen is somehow a great UX. Ignored third-party keyboards. And even deal with more bugs iOS now has.
    But this time I feel like Apple officially lost it. Waiting to try it out, but even predictive type sucks and it's on the screen. 

    What benefit does not having an overlay blocking your image do to help make you more productive? That's what you're asking?

    You really think this overlay to quickly adjust a color is a great solution?


  • Reply 13 of 20
    rob53 Posts: 3,251 member
    Has anyone asked Apple about FileVault and whether the T1 chip will be used to store the FV encryption keys? I don't care if Apple still calls it FV I just want the same level of data encryption on the new MBPs as on iOS devices. This capability makes it a slam dunk for government and enterprise users required to properly protect their mobile hardware. 
  • Reply 14 of 20
    Soli Posts: 10,035 member
    rob53 said:
    Has anyone asked Apple about FileVault and whether the T1 chip will be used to store the FV encryption keys? I don't care if Apple still calls it FV I just want the same level of data encryption on the new MBPs as on iOS devices. This capability makes it a slam dunk for government and enterprise users required to properly protect their mobile hardware. 
    We don't even know how complex that T1 chip is. If it's based on the S-series chip in the Watch it could contain its own version of OS X/Darwin as a stripped-down version of watchOS, or it could just be a more rudimentary OS. Besides containing the keys and data for Touch ID and Apple Pay, I assume it also uses its GPU for the Touch Bar display.
  • Reply 15 of 20
    Mike Wuerthele Posts: 6,861 administrator
    rob53 said:
    Has anyone asked Apple about FileVault and whether the T1 chip will be used to store the FV encryption keys? I don't care if Apple still calls it FV I just want the same level of data encryption on the new MBPs as on iOS devices. This capability makes it a slam dunk for government and enterprise users required to properly protect their mobile hardware. 
    We have, and we don't have an answer yet. It looks like it does NOT store the FV keys.
  • Reply 16 of 20
    rob53 Posts: 3,251 member
    rob53 said:
    Has anyone asked Apple about FileVault and whether the T1 chip will be used to store the FV encryption keys? I don't care if Apple still calls it FV I just want the same level of data encryption on the new MBPs as on iOS devices. This capability makes it a slam dunk for government and enterprise users required to properly protect their mobile hardware. 
    We have, and we don't have an answer yet. It looks like it does NOT store the FV keys.
    I'll wait to hear from Apple on this. I don't know how you know what keys it actually stores in the Secure Enclave but if it's anything like the Secure Enclave on the iPhone, I could easily see Apple changing FileVault to use the same kind of encryption processes it uses on iOS devices. Why not have FED (full Device encryption, I made this up) on the MBP's internal storage set as default. Encrypting external drives can be done the same way it is now or something better if Apple would develop it. I don't see Apple stopping at only fully securing iOS devices when many people also use Apple laptop and desktop devices with the same type of sensitive information stored on them as on their iPhones.

    Once Apple does this, it should be easy for government installations to get full approval for its use, especially on mobile devices going to other countries.
  • Reply 17 of 20
    The user and all related content has been deleted.
  • Reply 18 of 20
    Marvin Posts: 15,324 moderator
    rob53 said:
    rob53 said:
    Has anyone asked Apple about FileVault and whether the T1 chip will be used to store the FV encryption keys? I don't care if Apple still calls it FV I just want the same level of data encryption on the new MBPs as on iOS devices. This capability makes it a slam dunk for government and enterprise users required to properly protect their mobile hardware. 
    We have, and we don't have an answer yet. It looks like it does NOT store the FV keys.
    I'll wait to hear from Apple on this. I don't know how you know what keys it actually stores in the Secure Enclave but if it's anything like the Secure Enclave on the iPhone, I could easily see Apple changing FileVault to use the same kind of encryption processes it uses on iOS devices. Why not have FED (full Device encryption, I made this up) on the MBP's internal storage set as default. Encrypting external drives can be done the same way it is now or something better if Apple would develop it. I don't see Apple stopping at only fully securing iOS devices when many people also use Apple laptop and desktop devices with the same type of sensitive information stored on them as on their iPhones.

    Once Apple does this, it should be easy for government installations to get full approval for its use, especially on mobile devices going to other countries.
    Full disk encryption for the internal drive is selected by default for newer systems:

    https://www.intego.com/mac-security-blog/yosemite-filevault/

    This encrypts the disk using a long random key. The device master key is wrapped up using user passwords so when a user logs in, it decrypts the master key. The master key is held in RAM so that the storage can be accessed efficiently but this can be a security risk. Holding this key in a secure chip/enclave would mean that system processes couldn't access it.

    External drives can be easily encrypted using the same process:

    https://support.apple.com/kb/PH21791?locale=en_US

    It takes a long time for hard drives but SSDs are ok. It asks for the password when connecting an external volume.

    The secure enclave stores fingerprint data, which would be usable as an intermediate key just like login passwords.
  • Reply 19 of 20
    Full disk encryption for the internal drive is selected by default for newer systems [..] secure enclave stores fingerprint data, which would be usable as an intermediate key just like login passwords.
    What happens if this is done, and someone busts the Touch ID sensor? If the Touch ID sensor itself is connected to the Secure Enclave/T1, does this mean that if your keyboard gets smashed, all your data is gone? (Probably answering my own question..) That's assuming that FDE is connected to *only* the "fingerprint-hash" or whatever the T1 stores, and not a "backup user password". That seems logical, especially since (at least one US court I think) has ruled that while police can't demand a pass*word*, pass-*fingerprints* aren't so protected by the 4th Amendment.

    Google "passwords fingerprints faces 4th Amendment" and it comes up with a number of "potentially-frightening-possibility articles".

  • Reply 20 of 20
    Marvin Posts: 15,324 moderator
    jswitte01 said:
    Full disk encryption for the internal drive is selected by default for newer systems [..] secure enclave stores fingerprint data, which would be usable as an intermediate key just like login passwords.
    What happens if this is done, and someone busts the Touch ID sensor? If the Touch ID sensor itself is connected to the Secure Enclave/T1, does this mean that if your keyboard gets smashed, all your data is gone? (Probably answering my own question..) That's assuming that FDE is connected to *only* the "fingerprint-hash" or whatever the T1 stores, and not a "backup user password". That seems logical, especially since (at least one US court I think) has ruled that while police can't demand a pass*word*, pass-*fingerprints* aren't so protected by the 4th Amendment.

    Google "passwords fingerprints faces 4th Amendment" and it comes up with a number of "potentially-frightening-possibility articles".

    The passwords and fingerprints are intermediate keys; they are used to decrypt the volume key. This allows them to be changed, e.g. change password, add new fingerprints, without re-encrypting the drive. The drive is encrypted using a long random key; full disk encryption prompts you to store a recovery key when you set it up, with the option to have Apple store it. If the keyboard/sensor broke, you just plug in an external keyboard and type in the login password. If the computer breaks, for models that have removable storage, the drive can be put in another computer or external drive and accessed with the password.
    edited September 2017
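The key hierarchy described in the reply above, as an added example that is not part of the original thread and not FileVault's actual format. The `EncryptedVolume` class, the slot names and the sample secrets are constructed for illustration, and an HMAC-SHA256 keystream stands in for AES so the code runs on the standard library alone.

```python
import hashlib
import hmac
import os

def _xor_stream(key, nonce, data):
    # HMAC-SHA256 counter-mode keystream: a standard-library stand-in for AES.
    stream = b"".join(hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                      for i in range((len(data) + 31) // 32))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):  # encrypt-then-MAC: nonce || ciphertext || tag
    nonce = os.urandom(16)
    ct = _xor_stream(key, nonce, plaintext)
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(want, tag):
        raise ValueError("wrong key or modified data")
    return _xor_stream(key, nonce, ct)

class EncryptedVolume:
    def __init__(self, data, **slot_secrets):
        volume_key = os.urandom(32)          # long random key, fixed for the disk's life
        self.disk = seal(volume_key, data)   # bulk data is encrypted exactly once
        self.slots = {}                      # slot name -> (salt, wrapped volume key)
        for name, secret in slot_secrets.items():
            self._wrap(name, secret, volume_key)

    def _kek(self, secret, salt):            # intermediate key derived from a user secret
        return hashlib.pbkdf2_hmac("sha256", secret, salt, 100_000)

    def _wrap(self, name, secret, volume_key):
        salt = os.urandom(16)
        self.slots[name] = (salt, seal(self._kek(secret, salt), volume_key))

    def read(self, name, secret):
        salt, wrapped = self.slots[name]
        volume_key = unseal(self._kek(secret, salt), wrapped)
        return volume_key, unseal(volume_key, self.disk)

    def change_secret(self, name, old, new):
        volume_key, _ = self.read(name, old)
        self._wrap(name, new, volume_key)    # only the small wrapped blob is rewritten

def demo():
    vol = EncryptedVolume(b"constructed disk contents", login=b"old password", recovery=b"ABCD-1234")
    disk_before = vol.disk
    vol.change_secret("login", b"old password", b"new password")
    try:
        vol.read("login", b"old password")
        old_rejected = False
    except ValueError:
        old_rejected = True
    return {"disk_unchanged": vol.disk == disk_before, "old_rejected": old_rejected,
            "via_login": vol.read("login", b"new password")[1],
            "via_recovery": vol.read("recovery", b"ABCD-1234")[1]}
```

`demo()` changes the login secret without touching the encrypted disk bytes, and the recovery slot still opens the same volume, which is why losing one unlock method does not lose the data.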