Customer Reviews

OS X Exploits and Defense: Own it...Just Like Windows or Linux!

5 star:		(0)
4 star:		(0)
3 star:		(0)
2 star:		(2)
1 star:		(1)

 

 

OS X Exploits and Defense suffers from a number of problems. The organization is totally random. Each author's chapters are unrelated to the others, and there's no real progression. The description of the book seems to be more advanced, targeted at people who write exploits and do system level hardening, but the actual content is mostly beginner-oriented. The writing is poor and in need of some good editing and proofreading.

Here's a description of the first 5 chapters.
Chapter 1:
Macintosh OS X Boot Process and Forensic Software.
2 pages of introduction. 2 pages of describing the boot process, which mainly consists of "There is this thing called EFI and xnu, and here are some keys that you can press during boot to do stuff". It mentions that you can boot off a CD to reset the password, but doesn't mention setting a firmware password. 10 pages describing third party forensic software, which didn't really seem to have any relation to booting, so why are they in the same chapter?

Chapter 2: Past and current threats
A few pages on how some people think OS 9 was invincible, but it really isn't. A few pages on how buffer overflows are exploitable on OS 9, and demonstrating an overflow (but not an exploit) in Eudora for OS 9. First, who cares about OS 9? Second, of course buffer overflows are exploitable on OS 9. Why would anyone devote any time to this?

The chapter moves on to OS X, which is a lot more interesting. It describes some old vulnerabilities. Then there are sections on Unicode exploits, exploiting PowerPC binaries on Intel, and exploiting Wine-based Windows applications. All are interesting and relatively novel, although they are light on explanation and heavy on uncommented gdb output. There is some discussion of tricks that malware can use to hide itself, and some discussion of exploit techniques. Aside from the OS 9 content, this whole chapter was good.

Chapter 3: Malicious Macs: Malware and the Mac
It describes different types of malware, and specific instances of malware that have been targeted at old versions of Mac OS, as well as Mac OS X. It devotes a lot of time to arguing that malware can affect Mac OS X, and has. Which is true, but to any security-minded reader that should already be obvious, so I don't know what the point is. We all know idiot Mac users who think they're invincible, but they don't read books like this.

Chapter 4: Malware detection and the Mac
There's some discussion of whether or not anti-malware software is needed on the Mac, a brief discussion of malware detection techniques, and an overview of some available anti-malware software. All of this is fine, but it's at a low technical level suitable for an end user trying to decide what anti-virus program to buy. It doesn't fit with the book's marketed demographic.

Chapter 5: Mac OS X for Pen Testers
This chapter covers:
Running Terminal, running perl, installing and using CPAN, X11, compiling open source programs, an overview of open source security programs. There's a 6 page section on how to build Wireshark. The intended audience for this is again at a very rudimentary skill level.

This book's main problem is that it lacks focus, which might have something to do with the fact that it has 5 authors. It's all over the place in terms of the topics, and the intended audience. I think there are some people who might like any given chapter, but few who would want to read the whole thing. And there is very little content in the book that is novel, that you couldn't find just by Googling. I have higher hopes for "The Mac Hacker's Handbook" by Charles Miller and Dino Dai Zovi, which hasn't been released yet, so we'll see.

I ordered this one too fast, few days later first reviews were available and like them I can't recommend this book. too fragmented information without structure, looses the focus of other books covering same topics, its more a bunch of stories and scenarios around apple macs in history

Some good info, but not well edited and more than a little dated in places.