Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

MacOS Security - Escaping The Sandbox & Bypassing TCC

Hack In The Box Security Conference via YouTube

Overview

Explore macOS security mechanisms, focusing on sandboxing and Transparency, Consent, and Control (TCC) in this 55-minute conference talk from the Hack In The Box Security Conference. Dive into the evolution of macOS security features, including the introduction of sandbox-like restrictions for non-sandboxed apps in macOS Catalina. Examine the new security boundaries created by these measures and the potential vulnerabilities they introduce. Learn about the challenges developers face in safeguarding app permissions and the importance of understanding these new security models. Discover techniques for bypassing protections in third-party applications and analyze real-world vulnerabilities that allowed sandbox escapes, TCC permission theft, and privilege escalation. Gain insights from security researchers Thijs Alkemade and Daan Keuper as they share their findings on macOS and iOS security, including specific CVEs in macOS and Adobe Reader.

Syllabus

#HITB2021AMS D1T1 - MacOS Security: Escaping The Sandbox & Bypassing TCC - T. Alkemade and D. Keuper

Taught by

Hack In The Box Security Conference

Reviews

Start your review of MacOS Security - Escaping The Sandbox & Bypassing TCC

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.