Our talk walks through the various stages of bootstrapping, showing which binaries are involved, the IPC flows on the device, and evaluates the network (TLS) security of key client/server communications. We will follow with a live demo showing how a nation-state actor could exploit this vulnerability such that a user could unwrap a brand new Mac, and the attacker could root it out of the box the first time it connects to WiFi.

By Jesse Endahl + Max Bélanger

Full abstract and materials: https://www.blackhat.com/us-18/briefings/schedule/#a-deep-dive-into-macos-mdm-and-how-it-can-be-compromised-11674

Posted by Charlie