Hacking Leopard: Tools And Techniques For Attacking The Newest Mac Os X presented at Blackhat USA 2007

by Charlie Miller (Independent Security Evaluators),

Tags: Security Development

Summary : According to the Apple website, “Mac OS X
delivers the highest level of security through the adoption of industry
standards, open software development and wise architectural decisions.”
Of course, the Month of Apple Bugs showed that Mac’s are just as
susceptible to vulnerabilities as other operating systems. Arguably, the
two factors keeping the number of announced vulnerabilities on Mac OS X
low is that not many researchers are interested in exploring this
operating system due to low market share and not many researchers are
familiar with the platform which can introduce a steep learning curve.
The first of these reasons is going away as Apple’s market share
continues to rise. This talk hopes to address the second reason. Namely,
to provide researchers already familiar with Windows and Linux the
knowledge and tools necessary to search for new security bugs in this
operating system, specifically the new forthcoming release of “Leopard”,
the newest version of Mac OS X. Happily, there are plenty of bugs and
some Mac-only tools which help to find them. This talk will announce the
port of some popular tools including the release of PaiMei for Mac OS X
and will demonstrate one or two 0-days (if they’re still around).