The Final Chapter: Unlimited ways to bypass your macOS privacy mechanisms

Опубликовано: 16 Сентябрь 2024
на канале: Black Hat
1,037
38

"ThereIsNoPrivacy.app" would like to access the camera and spy on you, and access all of your private data.

In this talk we return for a third time to talk about bypassing macOS's privacy mechanisms. In the last 4 years we submitted over 100 vulnerabilities to Apple which allowed us to either fully or partially bypass macOS's privacy protection framework (TCC). We gave talks about our findings and various techniques in previous BlackHat conferences.
We will start by briefly explaining how the privacy framework works on macOS, how various databases, configuration files and the Sandbox play various roles in fulfilling a single goal - protecting your private data.

Then we will switch gears and show many new vulnerabilities and a couple of new techniques and ideas which allowed us to bypass privacy protection. As usual, you may expect full exploits, tons of demos and a lot of fun. Believe it or not but we bypassed the TCC again with /usr/bin/grep… multiple times.

Finally, we will talk about how Apple improved the privacy framework over the years, what new features were added in macOS Ventura, Sonoma, since the last time we talked about this topic. We will briefly review a few techniques, which we consider mostly dead due to new mitigations and fixes.

By:
Csaba Fitzl | Principal macOS Security Researcher, Kandji
Wojciech Reguła | Principal Security Consultant, SecuRing

Full Abstract & Presentation Materials:
https://www.blackhat.com/asia-24/brie...


Смотрите видео The Final Chapter: Unlimited ways to bypass your macOS privacy mechanisms онлайн без регистрации, длительностью часов минут секунд в хорошем качестве. Это видео добавил пользователь Black Hat 16 Сентябрь 2024, не забудьте поделиться им ссылкой с друзьями и знакомыми, на нашем сайте его посмотрели 1,03 раз и оно понравилось 3 людям.