New Blog: "Two Bugs, One Func()"

Besides having more time to create new macOS security tools, thanks to all your support,  I also have more time to write! Something I really love to do  ✍ ☺️

I recently found two interesting bugs within the same function in Apple's macOS (XNU) kernel. After reporting them to Apple, I spent the weekend gaining a thorough understanding of each bug and began documenting my findings in 2-part blog post. Part one is now live  :) 

In part one, I show that armed with a kernel panic report, we are able to track down the faulting instruction and figure out the cause of the panic. Interestingly,  I believe this bug, an 'off-by-one' error was intentional, albeit non-maliciously so. Read part one of the blog here! Part two will posted in the upcoming days.

*note: patrons at the 2^3 level and above will generally get early access to blog posts! However, as these two specific posts deal with security vulnerabilities patched in macOS 10.12.4 (that was just released today),  I felt full public disclosure was warranted. Mahalo for your understanding! 

Tier Benefits
Recent Posts