
Why not blame the idiotic decision to make this network check just to wake up?



I think the threat model here is that someone might've swapped out your keyboard for one that's spying on you, whilst you're out at a conference enjoying the more social aspects of such gatherings. At the same time, if you were to not be connected to a network, this kind of verification wouldn't do anything.


I don't believe this is ever the case. What happens if you legitimately installed a new keyboard? Will Apple just... prevent you from using it?


I have a 2017 MBP. There are several keycaps that are no longer physically connected to the key, so if I tilt the laptop 4 or 5 keys fall off. I have been dealing with it by using an external Apple keyboard (with added benefit of having 10-key and full sized arrow keys). Since it's on a desktop in this config, I have it set to never sleep so luckily I have not seen this unwakeable fuck up.


Apple has a three year warranty which means yours may have run out or is about to run out.

If you still have time, get your keyboard replaced for free: https://support.apple.com/keyboard-service-program-for-mac-n... (it also means they have to replace your mobo and battery due to brilliant Apple engineering).

It doesn't fix the problem, but it resets the clock until they fall off again. In Texas, it was <48 hours between dropping my Macbook off at the Apple shop and receiving it on my doorstep.


I just followed your link, and had an interesting experience. Of all of the Apple Stores and Authorized Repair they do not appear to be accepting repairs. Every one of them tells me: "This location has no available reservations. You can check another location now, or check this location again tomorrow."

Can't even get far enough to see if the repair would be covered. Good job Apple


48 hours is pretty optimistic. At least for the 2016 model they can't just change the keycaps but they'll have to change the whole bottom case. This took a few weeks for me since I had to send it to a certified repair center.


That's the same for the 2017 model that I had to fix. I got a new mobo + battery. Convenient because my battery was in dire need of servicing.

I heard it would take weeks and even had a backup laptop ready, so it surprised me when it came <2 days later. It was my original laptop too (had all my data and the same dent).

Oh well, the new models don't have this issue anymore. What a fuck up.


The big question is will they extend the warranty by the number of months the Apple Stores were closed due to pandemic lockdown? My keycaps didn't start misbehaving until about April.


> Apple seems to do all kinds of weird networking _stuff_. For instance, during wakeup, your T2 equipped Macbook will wait for a DNS response and then use said DNS response to synchronize time via NTP before letting the user use the keyboard. Probably checking timestamps on signatures for the keyboard firmware, or something stupid like that. This only happens if it happens to have a default route.

I had the same thing happening to me but Apple changed the complete keyboard under their extended keyboard warranty program (even though it was out of Apple Care already).


Before 2019 if you use the factory standard keyboard Apple will just prevent you from using it (butterfly).


Huh? When I’m out socializing there’s no spying to do. But as soon as I get back I will just log in and the spying begins.

I’m so accustomed to flaky peripherals with Apple products I wouldn’t even be alarmed at the behavior.


I think you misunderstand.

The idea is that if your keyboard is replaced with a keyboard that has modified (hacked) firmware, your computer will refuse to let you use it.

To do this, it must obtain a cryptographic attestation from the keyboard firmware, proving that it has not been modified. Further, to avoid replay attacks it must include the current time in the message it signs. NTP is used by macOS to determine the current time, so as to verify the signature provided by the keyboard.

So, if NTP is slow to respond or times out, you are stuck waiting for your Mac to verify your keyboard's signature.


If I was an attacker I would simply hook into the key matrix. The extra obfuscation in firmware is just user-hostile and stupid.


So they introduce a major usability breaker (consider opening up your macbook on a plane with no internet access) to prevent a really obscure security issue that requires an attacker to replace the entire system's top case without you noticing. Nice.

At least give the user the ability to turn that off.


What happens if you have networking turned off or your WiFi isn't configured for the local network?


Per the grandparent...

> At the same time, if you were to not be connected to a network, this kind of verification wouldn't do anything.


> Further, to avoid replay attacks it must include the current time in the message it signs.

Use a counter...?


I'm not trying to defend Apple here, just explain the mechanism to the parent.


Oh, okay. You said "must" so I was wondering if there was another important factor.


Sorry, that wasn't the best word choice. Certainly a counter is another viable way of performing that check. (And obviously comes with its own set of trade-offs which I'm not interested in performing value judgments on!)
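
Added example, not part of the thread and not Apple's actual protocol: a sketch of the two freshness checks discussed above (a signed timestamp versus a signed counter), showing why the first needs a trusted clock and the second needs stored state. HMAC stands in for the device signature, and every name, key and value here is constructed for illustration.

```python
import hashlib
import hmac
import struct

DEVICE_KEY = b"constructed-demo-key"  # constructed; stands in for the device's signing key
GOOD_FW = hashlib.sha256(b"firmware v1").digest()   # constructed known-good measurement
BAD_FW = hashlib.sha256(b"firmware modified").digest()  # constructed modified measurement


def attest(measurement: bytes, freshness: int) -> bytes:
    """Device side: bind the firmware measurement to a freshness value."""
    msg = measurement + struct.pack(">Q", freshness)
    return hmac.new(DEVICE_KEY, msg, hashlib.sha256).digest()


def _tag_ok(measurement: bytes, freshness: int, tag: bytes) -> bool:
    """Measurement must be the expected one and the tag must cover it."""
    expected = attest(measurement, freshness)
    return measurement == GOOD_FW and hmac.compare_digest(tag, expected)


def verify_timestamp(measurement, ts, tag, now, max_age=30):
    """Host side, timestamp freshness: cannot decide without a trusted clock."""
    if now is None:
        return "no-trusted-time"  # the host waits here until time sync completes
    if not _tag_ok(measurement, ts, tag):
        return "bad-attestation"
    return "ok" if 0 <= now - ts <= max_age else "stale"


class CounterVerifier:
    """Host side, counter freshness: no clock, but the last value must persist."""

    def __init__(self):
        self.last_seen = 0

    def verify(self, measurement, counter, tag):
        if not _tag_ok(measurement, counter, tag):
            return "bad-attestation"
        if counter <= self.last_seen:
            return "replayed"  # an old, validly signed message is rejected
        self.last_seen = counter
        return "ok"
```

The trade-off mentioned in the reply shows up in the state each verifier carries: `verify_timestamp` depends on `now`, while `CounterVerifier` depends on `last_seen` surviving resets on both sides.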


I was thinking of an external keyboard. That might be the cause of confusion.



