“Hello, I’m a Mac…but I’m also a PC.”
The use of the terms PC and Mac to differentiate computers that run the Microsoft Windows operating system between those that run Apple OS X is technically incorrect. A few years back, Mac was simply an abbreviation for Macintosh (the brand of computers made by Apple Inc.) and PC was an acronym for Personal Computer (those used in the home/office, etc.). Recently, however, these words have changed their connotations and this transformation hasn’t been accidental.
Before I speculate how or why, let’s cover some basics. Both and Microsoft and Apple Inc. are software/hardware companies:
Microsoft develops the popular operating system “Windows” but they don’t actually manufacture the computers that it runs on. They leave it up to other companies such as Lenovo, HP, Dell, Gateway and even Apple (after the transition from the PowerPC line of processors to the Intel chip) to make hardware that is compatible with their OS. Then these individual companies give their computers their own names (i.e. the HP Pavillion or the Gateway LT Series). So for example, as a consumer you can own a Dell Inspiron that runs Microsoft Windows (God forbid that actually be the case).
On the other hand, Apple develops the “X” operating system (OS X)* and manufactures the computers that run it. Furthermore (and unlike Microsoft) Apple doesn’t allow other companies to make computers that run their “ground-breaking” operating system — Apple handles it all. So as a consumer, you can’t for example, own an HP Pavillion that runs Apple OS X. If you want Apple’s OS you need to go get an Apple computer (which has a brand name of “Mac”).
In this regard, Apple is a monopoly; the control of their hardware and of the operating system that allows users to interact with it is very stringent. So in this case, there’s no need to identify both the kind of computer you have and which operating system it runs. The entire package is simply referred to as “a Mac.” This inseparable unification of hardware and software that Apple maintains is what I think has made a “Mac” represent much more than simply a brand name.
At the same time, Apple has made efforts to practically abandoned “PC” as a label for anything about them by inaccurately using the label “PC” as an umbrella phrase to encompass everything that is not a Mac (specifically referring to computers that run Windows).
For those of you not up to speed, most of Apple’s computers allow themselves to be temporarily turned into an external hard drive simply by pressing the corresponding hot key (‘T’) during boot up. If the computer supports this option (most do) it will enter what is called Target Disk Mode (TDM) and allow itself to become a mass storage device and be connected to another computer via an IEEE 1394 interface (aka FireWire, i.LINK, Lynx…whatever).
Yes, this feature is convenient for transferring large amounts of data or if you need a quick makeshift external hard drive (assuming you have a male-male Firewire cable). Unfortunately, the feature also inherently bypasses the OS from ever being started on your computer allowing others access to all sorts of files that you assumed were secure by the OS’s login.
When you press the power button on your computer the first thing to come to life is the firmware (a very low level program that lives in the hardware) and it decides what happens next — whether to boot into the installed OS, boot from a CD, boot from a network drive, etc. The decision is based on multiple factors, one of which is to check for certain hot keys on the keyboard.
The problem with this convenience is that anyone with a finger has the ability to transform your computer into a large external drive. Yeah, including that person that just walked away with your laptop while you were getting another soy latte at Star Bucks.
Some would argue that if I’m this concerned with the security of my files, that I should enable FileVault in order to encrypt every file on my hard drive. Yeah? Well, I don’t think I should have to enable something that will have incredible amounts of overhead just because a back door exists that can completely circumvent the OS’s login prompt.
Solution (but not really)
The solution is simple: eliminate the hot keys from influencing the firmware’s decision. Welding a steel plate on top of your keyboard would work I guess, but that’s not very convenient. A better idea would be to tell the firmware to not check the hot keys.
Currently, there is no way to disable these hot keys, but it turns out there is a way to password protect the firmware with some extra software. But after reading Apple documentation that states that the firmware password can be circumvented (quite easily), and that it could in fact be hazardous to your system, and that it is temperamental, I disabled it on my machine and don’t recommend it. Way to fuck us over, Apple:
“WARNING: Open Firmware settings are critical. Take great care when modifying these settings and when creating a secure Open Firmware password.”
“An Open Firmware password provides some protection, but it can be reset if a user has physical access to the machine and changes the physical memory configuration of the machine.”
“Open Firmware password protection can be bypassed if the user changes the physical memory configuration of the machine and then resets the PRAM three times (by holding down Command, Option, P, and R keys during system startup).”
First of all, I think that the extra Firmware Password Utility (not included in a default installation…but available from the software installation disc (/Applications/Utilities/) and online) should not be necessary. I think there should be a simple check box in the System Preferences that enables/disables whether or not the keyboard is “heard” by the firmware.
I also think that the hot keys should be disabled by default. Apple is all about an ‘out of the box, ready to go’ mentality so I suspect they leave the feature enabled by default because that makes it more convenient for their users to make use of the TDM functionality. We’ve seen this same behavior before, but I think the security threat outweighs the convenience factor. Tisk, tisk Apple.