Notes from Security lab (Thursday, June 25th, 2020)

Question: Are there changes to how Secure Token is granted on Intel Macs running Big Sur, as opposed to how Secure Token is granted now on Intel Macs running Catalina?

Answer: No change to how Secure Token is granted on Intel Macs on Big Sur, as compared to on Intel Macs running Catalina.


Question: Will there be differences in how Secure Token is granted on Macs running Big Sur on Apple Silicon?

Answer: No change to how Secure Token is granted on Apple Silicon Macs on Big Sur, as compared to on Intel Macs running Catalina.


Question: Will FileVault authenticated restarts work differently on Apple Silicon, as opposed to how they work now on Intel Macs? If yes, what are the differences?

Answer: Authenticated restart is now entirely handled by Secure Enclave on Apple Silicon, as opposed to the SMC chip on non-T2 Intel Macs and Secure Enclave / Effaceable Storage on T2 Macs. On Apple Silicon, the authrestart token is one-time and cannot be used multiple times.

fdesetup's behavior (including authrestart) should be consistent across both Intel Macs and Apple Silicon.



Question: In the Building an Endpoint Security app session, it was mentioned that the Endpoint Security framework is meant to be a replacement for OpenBSM audit trails. Is OpenBSM still present in Big Sur? If not, is there a built-in audit tool which replaces it?

Answer: OpenBSM is still in Big Sur, but is now deprecated.