Apple's Secret Operating System and why you can't upgrade your SSD

Did you know your Mac runs multiple OSes at once? My Patreon: https://www.patreon.com/dmug -------------------------------------------------------- Correction: The SSDs appear to be upgradeable, I've made a video about it! https://youtu.be/rcdT4QTBo7o -------------------------------------------------------- sepOS is a stripped-down, lightweight operating system that provides a secure execution environment for sensitive operations such as generating and storing encryption keys, biometric data (such as Touch ID), and other sensitive data. The Secure enclave is isolated from the rest of the system, so it can only be accessed through a limited set of interfaces provided by Apple's APIs. It's been around since the T2 Macs when Apple moved from removable storage to bolted down dumb NANDs with a integrated storage controller. I didn't want to bog down this video with T2 talk but most everything discussed applies to any Macs using the T2 chipset as it's Apple's SOC that was used to to handle additional functionality like the touchbar. The T2 was an SOC buried into Intel Macs as a way to extend functionality and appeared in the MacBook Pros. Since the transition to Apple Silicon, every Mac shipped has the secure enclave and we're over two years into the transition, I elected to mostly not muddy the video with the T2. Written version: http://blog.greggant.com/posts/2023/04/14/the-security-enclave-demystified.html Video Sources: Apple's Secure Enclave https://support.apple.com/guide/security/secure-enclave-sec59b0b31ff/web Explaining the Mac Studio’s removable SSDs, and why you can’t simply swap them out https://arstechnica.com/gadgets/2022/03/explaining-the-mac-studios-removable-ssds-and-why-you-cant-just-swap-them-out/ Mac Studio Teardown: No Upgradable Storage … Yet https://www.ifixit.com/News/57898/mac-studio-teardown More sources: https://www.notebookcheck.net/Mac-Studio-SSD-does-not-work-on-NVMe-top-level-ARM64-SSD-controller-in-M1-Ultra-makes-it-nearly-impossible-to-swap-out-or-add-raw-storage-modules.609363.0.html https://support.apple.com/en-us/HT208862 https://developer.apple.com/documentation/security/certificate_key_and_trust_services/keys/protecting_keys_with_the_secure_enclave https://support.apple.com/guide/certifications/secure-enclave-processor-security-apc3a7433eb89/web https://www.blackhat.com/docs/us-16/materials/us-16-Mandt-Demystifying-The-Secure-Enclave-Processor.pdf Sources for previous video (and used to help this video) https://developer.apple.com/documentation/security/certificate_key_and_trust_services/keys/protecting_keys_with_the_secure_enclave https://support.apple.com/guide/certifications/secure-enclave-processor-security-apc3a7433eb89/web https://www.blackhat.com/docs/us-16/materials/us-16-Mandt-Demystifying-The-Secure-Enclave-Processor.pdf