Aloha 2^3 supporters! Your tier level gives you early access to many of Objective-See's blog posts ✍️ Woohoo! As such, you can read my latest blog post before anybody else.
In this post, I discuss a (somewhat controversial) security feature that Apple is introducing in macOS High Sierra (10.13). Named "Secure Kernel Extension Loading" (SKEL), it aims to prevent local attackers or malware from loading (even legitimate) kernel extensions for subversive purposes.
I decided to poke at SKEL's implementation (in the latest beta release of High Sierra) and unfortunately found an exploitable 0day vulnerability that allows me to completely bypass it, rendering it effectively useless.
Interested? Read the full blog post: "High Sierra's 'Secure Kernel Extension Loading' is Broken"
Mahalo as always, for your ongoing patronage :)