This jailbreak combines two exploits: the Checkm8 exploit from last year and the Blackbird vulnerability unveiled this August. It is both dangerous and unpatchable.

Security researchers have claimed that by combining two exploits that were initially developed to jailbreak iPhones, they can also jailbreak Macs and MacBooks that come with Apple’s latest T2 security chips.

The process is admittedly complex, but the technique of combining the two exploits has been mentioned on Twitter and Reddit over the past few weeks, reports ZDNet. And it has also been tested and confirmed by several of Apple’s top security and jailbreaking experts.

If the exploits are used correctly, the jailbreaking technique in question allows users and hackers to gain full control over devices, letting them modify core OS behaviour, retrieve sensitive information and encrypted data, and even plant malware.

What are Apple’s T2 chips?

Apple’s T2 chip is a special co-processor that is installed along with the main Intel CPU on the Apple iMac, Mac Pro, Mac Mini and MacBooks – basically, all of Apple’s modern computers.

The T2 chips were introduced in 2017 and have been a part of all Apple devices sold since 2018. The T2 functions as a separate CPU and by default handles audio processing and various low-level I/O functions to help take some load off the main CPU.

These chips also serve as security chips (Secure Enclave Processor or SEP) that handle sensitive work such as cryptographic operations, Keychain passwords and Touch ID authentication, along with the device’s encrypted storage and secure boot capabilities. They essentially play a significant role in every Apple desktop device.

How does this jailbreak work?

According to ZDNet, security researchers have found a way to break T2s: they can run code inside the security chip during its boot-up routine and alter its normal behaviour.

The break-in combines two other exploits that were initially designed to jailbreak iOS devices, Checkm8 and Blackbird. The hack works because T2 chips and iPhones share some hardware and software features.

As per a post from Belgian security firm ironPeak, jailbreaking a T2 chip involves connecting to a Mac or a MacBook via USB-C and running version 0.11.0 of the Checkra1n jailbreaking software during the Mac’s boot-up process.