MacOS and iOS Internals, Volume III: Security & Insecurity

In this third and final volume of the “Mac OS and *OS Internals” trilogy, Jonathan Levin takes on the security of Apple’s OSes. Part I of this volume explores the mechanisms and techniques employed – Including Auditing, Authentication, the MAC Framework, Code Signing, Sandboxing, SIP, AMFI and more – most of which are documented for the first time. The second part then discusses historical vulnerabilities in MacOS 10.10 and 10.11, as well as all modern exploits – from Evasi0n (iOS6) through the very latest mach_portal for 10.1.1 with KPP bypass in unprecedented detail – showing both the vulnerabilities and their exploitation methods, step by step. With no source code for most of Apple’s components or for the jailbreaks, the approach taken is that of deep reverse engineering, with plenty of hands-on examples, illustrations and decompilation of code.