apple platform security research
A sandboxed Mac App Store app can lock your entire screen with custom text and block all input — using Apple's own Classroom feature via unauthenticated XPC access to loginwindow. Apple says it's not a security issue.
Ever wanted to tweak your macOS (almost) legitimately? Popping the Touch Bar UI is a good point to start from!
Device identification is a substantial piece of intelligence for app attestation, but how does it work in reality? In this writeup, I present an end-to-end RE of Apple's DeviceCheck token generation internals.
