auctionoffline.blogg.se - Malwarebytes for mac logs

MALWAREBYTES FOR MAC LOGS 64 BIT
MALWAREBYTES FOR MAC LOGS SOFTWARE
MALWAREBYTES FOR MAC LOGS CODE

These technologies have justly earned the attention of the press and security researchers, and they’ve been discussed in great detail elsewhere.

You should also check out Andrew Cunningham’s review of macOS 11. (MacOS has booted from a read-only volume since 10.15.) Apple’s Protecting data at multiple layers article briefly describes SSV, but Howard Oakley has an even more detailed write-up on his blog, with illustrations a must-read.

Signed System Volume (SSV) cryptographically sealed the boot volume and made it tamper-evident.

Just-in-time (JIT) compilers will need to be redesigned around this limitation to run on ARM Macs, but special APIs are provided to make the work easier. Memory pages can now be either writable or executable, never both at the same time no exceptions.

Write XOR Execute (W^X) finally came to macOS, in a hardware-enforced form (yes, another M1-only feature).

Cross-device memory sharing is a historical custom, based on a blind, unfounded trust in hardware.

Device isolation was another M1-only feature, that uses the more powerful IOMMU of that platform to make sure hardware devices can only share memory with the operating system and not with each other.

MALWAREBYTES FOR MAC LOGS CODE

Currently limited to system code and kernel extensions, but open to all third-party developers for experimentation.

MALWAREBYTES FOR MAC LOGS 64 BIT

Pointer Authentication Codes (PAC), hardware-enforced Call Flow Integrity (CFI), implemented by Apple’s homegrown 64 bit ARM processor, the M1.

The major new security features that would debut in macOS 11 were: This article was supposed to come out much earlier, and I don’t expect anyone still remembers what the fuss was about over a year later, so I’ll give you a brief recap. macOS 11’s better known security improvementsĪt the WWDC 2020, Apple made a big deal of several new macOS and iOS features that were, in fact, big deals.

Note that I’m just a developer, neither a security researcher nor an exploit writer, and my descriptions of security issues and their mitigations might fall between “slightly incorrect” and “completely wrong”.

Use common sense, assess the risks, choose, and take responsibility for your choice.

In this article, I describe poorly-documented, or completely undocumented, features that could stop working as advertised or disappear completely without notice in future releases of macOS. On macOS, nobody seems to do it (at least not in public), and something as simple as diffing the includes from one SDK version to the next and patiently going through it, file by file, can reveal interesting features nobody knows (or at least talks) about.Ĭomparing the macOS 11 and macOS 10.15 SDKs, I found several intriguing surprises that deserve to be more widely known. This is not uncommon on, say, Windows: There are entire websites dedicated to large scale, long term, differential reverse engineering, that tell you what new functions appeared in what version of Windows, how their relationship with other functions has changed, how internal data structures have evolved etc.

MALWAREBYTES FOR MAC LOGS SOFTWARE

Me, I download the software development kit (SDK) for the new version, and diff it with the current version. When a new release of an operating system comes out, normal people find out what’s new by attending developer conferences, reading release notes, changelogs, reviews.

macOS 11’s better known security improvements.

A deep dive into macOS 11’s internals reveals some security surprises that deserve to be more widely known.