rtrouton/gist:6b8cd64977132bcdf9606050bc4159d2 Secret

## gistfile1.txt
username@computername ~ % sudo bputil -d
Password:

This utility is not meant for normal users or even sysadmins.
It provides unabstracted access to capabilities which are normally handled for the user automatically when changing the security policy through GUIs such as the Startup Security Utility in macOS Recovery.
It is possible to make your system security much weaker and therefore easier to compromise using this tool.
This tool is not to be used in production environments.
It is possible to render your system unbootable with this tool.
It should only be used to understand how the security of Apple Silicon Macs works.
Use at your own risk!

Current OS environment:
OS Type                                       : macOS
Local Policy Nonce Hash                 (lpnh): 7E1ED4512B6DF2A284C6343E469C1F1459453E4898E770CF37A8F3B1D9C000E0DA0C5C5F0546AB70984BEC3A9870DD9E
Remote Policy Nonce Hash                (rpnh): 88EB8429C516B53BBCA49EC7C0D58C3F27F2890D23E176264B2178EE2A865327CFD06ED94834EE6FF7D145FB39245B59
Recovery OS Policy Nonce Hash           (ronh): 6CF5EB6318AF551C5A23B8D3B2E4196AAA372B523E4F412C375CF6B39DCFED28F9B4E9881BF348886F9B9A14E918AA69

Current local policy:
Signature Type                                : BAA
Unique Chip ID                          (ECID): 0xD793810C0291E
Board ID                                (BORD): 0x26
Chip ID                                 (CHIP): 0x8103
Certificate Epoch                       (CEPO): 0x1
Security Domain                         (SDOM): 0x1
Production Status                       (CPRO): 1
Security Mode                           (CSEC): 1
OS Version                              (love): 21.1.268.5.8,0
Volume Group UUID                       (vuid): 2D85CA09-A291-47CA-A68A-66CB2D3BDF70
KEK Group UUID                          (kuid): AC09E9D5-36DC-10C9-4312-E6DAA3753224
Local Policy Nonce Hash                 (lpnh): 7E1ED4512B6DF2A284C6343E469C1F1459453E4898E770CF37A8F3B1D9C000E0DA0C5C5F0546AB70984BEC3A9870DD9E
Remote Policy Nonce Hash                (rpnh): 88EB8429C516B53BBCA49EC7C0D58C3F27F2890D23E176264B2178EE2A865327CFD06ED94834EE6FF7D145FB39245B59
Next Stage Image4 Hash                  (nsih): 443560FD2BE056BC9527452729EEC1A1BB22BA2DA456B278624DEF822DE9F7A64F0303B64ED811405B4039475F8A623D
User Authorized Kext List Hash          (auxp): absent
Auxiliary Kernel Cache Image4 Hash      (auxi): absent
Kext Receipt Hash                       (auxr): absent
CustomKC or fuOS Image4 Hash            (coih): absent
Security Mode:               Full       (smb0): absent
User-allowed MDM Control:    Disabled   (smb3): absent
DEP-allowed MDM Control:     Disabled   (smb4): absent
SIP Status:                  Enabled    (sip0): absent
Signed System Volume Status: Enabled    (sip1): absent
Kernel CTRR Status:          Enabled    (sip2): absent
Boot Args Filtering Status:  Enabled    (sip3): absent
3rd Party Kexts Status:      Disabled   (smb2): absent
username@computername ~ %
	username@computername ~ % sudo bputil -d
	Password:

	This utility is not meant for normal users or even sysadmins.
	It provides unabstracted access to capabilities which are normally handled for the user automatically when changing the security policy through GUIs such as the Startup Security Utility in macOS Recovery.
	It is possible to make your system security much weaker and therefore easier to compromise using this tool.
	This tool is not to be used in production environments.
	It is possible to render your system unbootable with this tool.
	It should only be used to understand how the security of Apple Silicon Macs works.
	Use at your own risk!

	Current OS environment:
	OS Type : macOS
	Local Policy Nonce Hash (lpnh): 7E1ED4512B6DF2A284C6343E469C1F1459453E4898E770CF37A8F3B1D9C000E0DA0C5C5F0546AB70984BEC3A9870DD9E
	Remote Policy Nonce Hash (rpnh): 88EB8429C516B53BBCA49EC7C0D58C3F27F2890D23E176264B2178EE2A865327CFD06ED94834EE6FF7D145FB39245B59
	Recovery OS Policy Nonce Hash (ronh): 6CF5EB6318AF551C5A23B8D3B2E4196AAA372B523E4F412C375CF6B39DCFED28F9B4E9881BF348886F9B9A14E918AA69

	Current local policy:
	Signature Type : BAA
	Unique Chip ID (ECID): 0xD793810C0291E
	Board ID (BORD): 0x26
	Chip ID (CHIP): 0x8103
	Certificate Epoch (CEPO): 0x1
	Security Domain (SDOM): 0x1
	Production Status (CPRO): 1
	Security Mode (CSEC): 1
	OS Version (love): 21.1.268.5.8,0
	Volume Group UUID (vuid): 2D85CA09-A291-47CA-A68A-66CB2D3BDF70
	KEK Group UUID (kuid): AC09E9D5-36DC-10C9-4312-E6DAA3753224
	Local Policy Nonce Hash (lpnh): 7E1ED4512B6DF2A284C6343E469C1F1459453E4898E770CF37A8F3B1D9C000E0DA0C5C5F0546AB70984BEC3A9870DD9E
	Remote Policy Nonce Hash (rpnh): 88EB8429C516B53BBCA49EC7C0D58C3F27F2890D23E176264B2178EE2A865327CFD06ED94834EE6FF7D145FB39245B59
	Next Stage Image4 Hash (nsih): 443560FD2BE056BC9527452729EEC1A1BB22BA2DA456B278624DEF822DE9F7A64F0303B64ED811405B4039475F8A623D
	User Authorized Kext List Hash (auxp): absent
	Auxiliary Kernel Cache Image4 Hash (auxi): absent
	Kext Receipt Hash (auxr): absent
	CustomKC or fuOS Image4 Hash (coih): absent
	Security Mode: Full (smb0): absent
	User-allowed MDM Control: Disabled (smb3): absent
	DEP-allowed MDM Control: Disabled (smb4): absent
	SIP Status: Enabled (sip0): absent
	Signed System Volume Status: Enabled (sip1): absent
	Kernel CTRR Status: Enabled (sip2): absent
	Boot Args Filtering Status: Enabled (sip3): absent
	3rd Party Kexts Status: Disabled (smb2): absent
	username@computername ~ %