MacOS and iOS Internals, Volume III: Security & Insecurity

MacOS and iOS Internals, Volume III: Security & Insecurity

In this third and final volume of the "Mac OS and *OS Internals" trilogy, Jonathan Levin takes on the security of Apple's OSes. Part I of this volume explores the mechanisms and techniques employed - Including Auditing, Authentication, the MAC Framework, Code Signing, Sandboxing, SIP, AMFI and more - most of which are documented for the first time. Part II then discusses historical vulnerabilities in MacOS 10.10 and 10.11, as well as all modern exploits - from Evasi0n (iOS6) through Yalu for iOS 10.2 (including KPP bypass) and the latest async_wake (for 11.1.2) in unprecedented detail - showing both the vulnerabilities and their exploitation methods, step by step. With no source code for most of Apple's components or jailbreaks, the approach taken is that of deep reverse engineering, with plenty of hands-on examples, illustrations and decompilation of code. The book's companion website (NewOSXBook.com) is full of tools, samples and other bonus material for this book. The book has also been updated with an appendix detailing the changes in iOS 12 and MacOS 10.14.