MacOS 13 Ventura, security guaranteed even with USB-C peripherals

One of the aspects in which Apple is continuing to invest resources is that of the security of its software platforms. As further evidence of this commitment, another small but important novelty of macOS 13 Ventura, presented yesterday at WWDC 2022, intervenes.

Assuming that even USB-C devices can be used by malicious people to steal personal data – see the well-documented precedents – Apple has seen fit to make sure that USB-C and Thunderbolt accessories explicitly ask the user for permission before starting to communicate – or transfer data – with Apple Silicon-based MacBook laptops.

The novelty is reported in the release notes of the first beta of macOS 13 Ventura which reads:

On Mac laptops with Apple Silicon, the new USB and Thunderbolt accessories ask the user for approval before communicating with the Mac via wired connections directly to the USB-C port. This does not apply to power adapters, standalone displays, or connections to an approved hub. Devices can still charge if the user chooses not to grant approval.

Accessories connected during the software update from previous macOS versions are automatically authorized. New accessories connected before restarting the Mac may be listed and working, but will not be stored until connected to an unlocked Mac and explicitly approved.

Importantly, theuser is free to keep the new option active (it is by default), but he can also choose to disable it following the path Settings> Privacy> Security. It is therefore not a restriction imposed by Apple, nor another certification program for Mac accessories, but an additional level of protection that benefits the user and which the user can also decide to give up.

Furthermore, as clarified, the measure does not involve any restriction for the use of peripherals such as power supplies, external screens and approved hubs. Specifically, Apple aims to prevent unwanted data subtraction that can occur, for example, by connecting to a public charger and more generally to any USB-C device with data transfer support that could contain chips to acquire them without the knowledge of the user.


Leave a Comment