It doesn't need to be encrypted if it's one-time programmable. The calibration data is likely written into efuses which are physically burned and cannot be reset.

▲

bri3d 6 days ago | parent [-]

The sensor and its data stream would need to be authenticated, though.

▲

arcticbull 6 days ago | parent [-]

For the mic cut-off? My understanding is that it outputs an electrical signal that's routed to the audio codec that literally prevents the audio from getting to system memory in the same way a physical switch would. It autonomously, at an electrical level, disconnects the mic without OS or software intervention. As it cannot be programmed again, you would have to crack open the laptop and modify the PCB to override it.

	▲	bri3d 6 days ago \| parent [-]
		Oh, I understand now - you're right, OTP sensor data does protect against a real threat model I hadn't considered before: * A remote attacker gains whatever privilege lets them get to the sensor SPI. * Without OTP calibration, the attacker could reprogram the sensor silently to report a different endstop, keeping the machine awake and the hard-cuts active. * With OTP calibration, this is closed. So perhaps it is more security-related than I initially thought. I was more considering the counterfeit part / supply chain / evil maid scenario, where the fact that Apple's sensors are OTP is meaningless (since a replacement sensor doesn't need to be, plus, you could just put a microcontroller pretending to be a sensor in there since there's no actual protection). Thanks, you made me think again and figure it out!