I have 2017 Mac Book Pro which does not have T1 or T2 chip. I am looking to detect and prevent Evil Maid type attacks. I did some search and found Do Not Disturb. I don’t find it sufficient. I am looking for some solution that verifies firmware / boot integrity similar to what T1 or T2 chip provides. Below are my questions

  1. Are there any security features out of the box in 2017 MacBook Pro that ensures boot and firmware integrity. Articles related to the subject usually talks about T1 or T2 chips and does not mention anything other than that.

  2. What solutions are available to detect and prevent any attempts of tampering that involves physical access?

  3. Is there any solution similar to Nitro Key or [Librem Key][2] that ensures boot integrity available for 2017 MacBook Pro?