Apple’s in-house designed T2 chip in iMac Pro enables a new level of integration and security

iMac Pro, which launched today, uses Apple’s in-house designed chip to boost your security.

A standalone ARM device called “T2,” it brings a new level of security to the Mac platform by integrating several controllers and specialized coprocessors, including:

  • System management controller
  • Image signal processor
  • Audio controller
  • SSD controller
  • Secure Enclave cryptographic coprocessor

By integrating those separate components onto a single die, the T2 chip is able to deliver new and enhanced capabilities to your Mac, including the following perks:

  • Enhanced imaging for the 1080p front-facing FaceTime HD camera
  • Secure boot features ensure that only trusted software loads at startup
  • Hardware-based flash storage encryption without performance penalty

The custom-designed image signal processor in the T2 chip enables hardware-accelerated imaging features for the FaceTime HD camera, including:

  • Improved exposure control
  • Enhanced tone mapping
  • Auto exposure based on face detection
  • Auto white balance based on face detection

T2’s Secure Enclave borrows technologies from Apple’s A-series chips that power iOS devices, including their cryptographic coprocessor design. Namely, T2’s Secure Enclave comes with dedicated AES hardware engines tasked with encrypting data as it’s being written to the SSD and decrypting it as it’s read from flash storage, no performance penalty whatsoever.

According to Apple:

The data on your SSD is encrypted using dedicated AES hardware with no effect on the SSD’s performance, while keeping the Intel Xeon processor free for your compute tasks. And secure boot ensures that the lowest levels of software aren’t tampered with and that only operating system software trusted by Apple loads at startup.

macOS has had software-based encryption for years.

Found in System Preferences → Security & Privacy → FileVault, this feature secures the data on your flash storage or hard drive by encrypting its contents automatically.

Because it uses the main Intel CPU, the FileVault feature degrades overall system performance.

ROUNDUP: What you need to know about Apple’s new file system

Although the T2 chip works with flash storage only, the new encrypted storage features provided by the Apple File System in macOS High Sierra work in tandem with AES hardware to encrypt contents of the SSD without engaging the main Intel Xeon processor.

T2 is Apple’s second generation custom Mac silicon.

Its first in-house Mac chip was the T1 coprocessor in the MacBook Pro with Touch Bar.

Internally code-named “Bridge,” the T1 chip handles certain system functions like security for the Touch ID and Apple Pay features. It runs Apple’s embedded operating system, called “eOS,” which is based on a variant of watchOS.

macOS code leaks suggested that the new iMac Pro would run Apple’s A10 Fusion chip from the iPhone 7 series, outfitted with 512GB of RAM. We don’t know for sure if that’s the case yet, at least not until iFixit tears apart the new iMac Pro and puts the chip under a microscope.

What are your thoughts on the new Apple T2 chip?

Sound off in the comments section!