Overview
Explore a critical vulnerability in macOS security through this 37-minute Black Hat conference talk. Delve into the evolving landscape of macOS local security as it shifts towards an iOS-like model, emphasizing codesigned and sandboxed applications with permission-based access. Examine the challenges of implementing new security layers to protect against malware and safeguard sensitive user data. Understand the complexities involved in changing the security model of an established operating system like macOS, focusing on the introduction of security boundaries between applications running as the same user. Learn about the potential vulnerabilities, such as process injection, that arise from these changes. Gain insights from security researcher Thijs Alkemade as he demonstrates how a single vulnerability can compromise multiple macOS security layers, highlighting the importance of continuous security assessment and improvement in operating system design.
Syllabus
Process Injection: Breaking All macOS Security Layers With a Single Vulnerability
Taught by
Black Hat