MOXiI 2nd Edition Status Update Page
09/28/2017 - Volume I Status Update
Apple is mutating 10.13 in between betas (and people are already bugging me for "if I buy it, will I get updates") that I have decided to wait till End of September for the official release of Volume I - Just like I did last year with Volume III.
Procrastination is the devil's gift - and I got another gift from AAPL today. For whatever reason, which baffles my mortal mind, Apple put out the sources of XNU-4570, libdispatch, dyld, libpthread, Security.framework and a bunch of other goodies - early. What's really amazing is that I was getting ready to submit the very first batch of MOXiI Volume I for next week!
Well, it ain't happening
I now ABSOLUTELY MUST push back by a few weeks, to incorporate refs to the sources (esp. DYLD) and specific constant names that I had reversed but didn't know the "official" name of until now. This is a necessary evil, because otherwise I'd be putting out a v1.1 a week later.
NO, THIS IS NOT AN EXCUSE FOR AN INDEFINITE PUSHBACK. NEW DATE is 2nd or 3rd week of October. I may be slow, but I try to be thorough. And when I say a book is coming out, it's coming out (within a reasonable margin of error - Android notwithstanding). So - MOXiI Vol 1 is coming out, at 450+ pages, a few weeks later, yeah, but it's going to be even better than I had hoped. This does screw my plans to officially launch the book at MacSysAdmin, which is a conference I really like, and bring their amazing organizer a signed copy :-( Sorry Tycho.. (next year? ;-)
Other good news:
- I'm pulling a long night to add a few other minor tweaks to Volume III (which is going to print tomorrow in a new batch for v1.4.2). Mostly just pointing from my analysis of KPP to the sources, Code signature 0x20400 and a couple of constants, and a discussion of KTRR (iPhone 7 and later AMCC).
- This will expedite Volume II (kernel) since I was bottlenecked on the XNU sources, which I now have.
- This will bring EVEN MORE DETAIL to Volume II, because AAPL [decided to/messed up and accidentally] release the sources for ARM64 - not just
CONFIG_EMBEDDED, which they hid as of 2050 - but the whole package, including the pexpert, KPP (MONITOR), KTRR (iPhone 7+) - some 30k lines of code with a lot of amazing stuff.
- The big surprise of Volume II was supposed to be my re-sourcing of XNU's arm64/ directories. That won't be necessary. You can get that straight from the source now. The day is nigh upon us when XNU will be runnable in even the lowliest of emulators or BeagleBoards..
- I'll be updating my ioS binpack soon for Darwin 17
- I'll be putting out a couple of other important open source packages Apple [forgot to/didn't mess up and accidentally] release today. (@launchderp, don't pull a Wilson Fisk on me ;-)
- Unrelated, but good - Android Volume II has a release date for January 2018, only two years behind schedule :-)
So stay tuned. And yes, it's coming out. And a mighty mighty thanks to Apple for this, even if I can't begin to fathom the reasoning behind it
I'm finally in the process of getting Volume I finalized and ready for printing! It's just as hefty as Volume III was (i.e. ~400 pages).
- wen eta
jailbreak b00k? 9/27/2017. 10/14 or 10/21/2017. Would make for interesting Yom Kippur reading :-)
- What?! Why not NOW NOW? Because this way I don't risk Apple changing something in between Tigris betas and the final. And see above.
- So how will we get the book? Direct ordering via this website will be available when it's ready - BTC only or Pay only - but you can also get it via Amazon. Price will be $75 - just like last one.
- BTC? Pay? Seriously? Why not Paypal? Because I avoid Paypal like the plague, seeing as they are an oppressive monopoly who could not care less about their users, subjecting them to ridiculous fees, holds, and other whimsical constraints without considering that their users are human beings (not to mention paying customers).
- Will there be a PDF edition? ABSOLUTELY NOT. Every time I reconsider this, one or another idiot comes up on Twitter and asked for a pirated copy, not noticing he's CCing me. It gets worse when said idiot extolls the virtues of pirating books, not realizing it devalues the insane work I put into the book. People have no respect.
- But $75 is a lot of money! True, it's not cheap. But then, considering that it costs about $20 to print, and AMZN takes their pound of flesh ($14 to be exact), that doesn't leave me with much.
- But I need to try before I buy! If the tons of free articles and tools I periodically provide can't convince you that the content is worth buying, don't buy it.
- If I buy this, will I get updates? Nope. It's a book, not a subscription. I do make the guarantee that, when you do buy it, you will get the most updated version available. That's more than any other publisher.
- But I want updates! Tough. I couldn't handle the logistics of subscriptions even they made sense.
- Can I see what's in the book? sure. In a nutshell, everything related to user mode - what my first edition covered in seven chapters, I now cover in a full book. Unlike the first edition, I delve into Apple's private frameworks, libraries, and offer FAR more detail than I did in the first edition.
- No, really, like detailed what's in the book? - Sure. The detailed ToC is right here.
- What about the hardcover, color edition? My printer gave me so much pain with the proof copy I decided that will wait for all three volumes. There's still the logistics of getting 1,500 glossy A4 pages into a hard cover, but if I can work that out, it will be T-O-T-A-L-L-Y worth it :-)
- Where can I comment/flame/ask questions? - Same place as usual - The NewOSXBook forum. I welcome all suggestions and queries in The Book's Forum, anytime. My only request is that you post there (anonymously is fine), rather than email or twitter, please.
- When's the next instance of your MOXiI training? - That's The Tg Training.
But I won't be doing any training at the very least until November. Or maybe not till 2018 . Another training is set for December 11th, 2017.
09/27/2016 - Volume III is OUT
Volume III is out - you can get it directly here when orders open next week, or just preorder and buy through Amazon
Why was this delayed? you promised Late August! Yeah, well, what can I do. I was really hoping to get my hands on a sample of Pegasus/Trident so I could also add it to the book. All entities in possession of this sample were very promising, but didn't really deliver. And I can't hold back anymore now that Mac OS 12/iOS 10 is out!
So how do we get the book? Direct ordering via this website will be available soon, but you can also get preorders via Amazon
Why not direct orders through this website now???
Because I still need to print stock. I'll open this up when I have more - just so you get the idea I have preorders in the (low) hundreds. I'm doing my best. I'm just one guy here!
What if I preordered through the website already? Then you get preference, of course. I'll be reaching out to you to ask you if you haven't changed your mind, and if so ask for a humble payment.
Can I see what's in the book? sure. In a nutshell, everything related to security in Apple's OSes - both MacOS and the *OS variants, of course. Part I deals with the mechanisms (Authentication, Authorization, Auditing, MACF, Code Signing, Gatekeeper, AMFI, SIP, Sandboxing, Privacy and Data Protection), and Part II deals with all modern jailbreaks from evasi0n 6 to Pangu's 9.1, as well as classic vulnerablities for [10.]10.x and [10.]11.x, some of which are explained in detail for the very first time! Oh, yeah, and there's an appendix with a MacOS Hardening checklist, too
No, really, like detailed what's in the book? - Sure. The detailed ToC is right here.
Where can I comment/flame/ask questions? - Same place as usual - The NewOSXBook forum. I welcome all suggestions and queries in The Book's Forum, anytime. My only request is that you post there (anonymously is fine), rather than email or twitter, please.
Wait, what's this "print" thing - What, no e-Book?!?!?! Nope. Not for a while. Sorry
When's Volume I and II coming? Soon. Volume III started as one chapter in Volume I.. just so you get the level of detail we're talking about here. Volume I (user space) will be next, then Volume II (kernel/hardware). But I also owe a debt to Android enthusiasts first, which I intend to repay with interest.
When's the next instance of your MOXiI training? - That's The Tg Training in NYC this 10/31!.