Job(s) Bless Us! Privileged Operations on macOS

Presented at Objective by the Sea version 3.0 (2020), March 13, 2020, 11:50 a.m. (25 minutes).

Operation system's security depends a lot on the way developers handle privileged operations. Is it easy to make a mistake? Is the recommended way actually better than a deprecated API? Recently, we gained insight into these questions during our company's bug bounty program, which led to some surprising conclusions, which we'll share today.

Presenters:

• Julia Vashchenko - macOS Engineer at MacPaw
  Julia is a macOS Engineer currently at MacPaw (CleanMyMac Malware Module), having previously worked as a C++ macOS Engineer for Comodo Security Solutions at the macOS Antivirus project. She is a macOS lead at "Women Who Code Kyiv", a mentor of a workshop on IPC (SwiftAveiro conference) and has recently gave a talk on modern approach to modularizing code (SwiftHeroes conference).

Links:

• https://objectivebythesea.org/v3/content.html#jVashchenko
• https://www.youtube.com/watch?v=mz31PlpF0rc
• https://objectivebythesea.org/v3/talks/OBTS_v3_jVashchenko.pdf