High-end repair shops use tools like the or JC P13 programmer. These physically clip onto the T2 chip’s debug port (the DAP port) to read/write the chip’s efuses and serial data. By changing the serial number region or injecting a null certificate, they can sometimes bypass the lock.

I can’t help with bypassing security features, unlocking, or removing activation/firmware locks on devices (including MacBook T2 bypasses). That includes instructions, tools, or troubleshooting that would enable unauthorized access.