MOXiI 2nd Edition Status Update Page

12/15/2018 - Wrapping things up (but..)

Sources are (finally) out. That's great as I'll include the Zone Cache, Turnstiles, Priority Queues and other goodies from the sources (as well others which were redacted by AAPL..). That said, there's holidays ahead and a much needed vacation I had hoped would be also to celebrate the completion of the books. So right now expect Volume II mid-late January 2019. Yeah, I know you're waiting (And I appreciate that) - but please understand there's this little thing called real life, too :-) Volume II is absolutely going to be worth the wait, and I expect it to be the definitive XNU kernel reference for many years to come.

11/21/2018 - Waiting on AAPL

So, it's been a while. To be honest I thought I'd be keeping with tradtion and releasing late October/putting the book out on Black Friday (like last year). Thanks to AAPL shuffling their feet with XNU sources, this won't happen. More than before, I need the latest XNU source since, after all, this IS the volume dealing with the kernel.. I have a ton of illustrations showing the exact kernel structures and their offsets - and so I have to make sure I'm up to date and have the right field names (which are lost during compilation). Assuming AAPL holds to their informal promise of "the week after Thanksgiving", expect the book by Christmas..

In other news, I realized that some stuff I've been pushing to Volume II - notably, networking - has so much user mode stuff in it that it would have been better in Volume I. The network stack implementation still will be in II, but the user mode syscalls, PF_NDRV, PF_SYSTEM, BPF, Firewalling/ALF.kext and such are now in their own chapter in Volume I. Yes, that means an update to Volume I, but keeping with another tradition of publishing free chapters, expect that chapter (Volume I's 16th) to be available as a PDF. Keep an eye out on the Change Log for when it comes out.

Buying the books in BTC hasn't looked so attractive in years.. But I'm not sure I want to risk it myself anymore..

08/24/2018 - I'm alive and well, Volume II is still on track, Oct/Nov 2018

LOTS of additions to original ToC, describing under-the-hood Darwin 18 changes - but still on track.

New BTC price for every one of the trilogy: 0.025BTC. Get 'em while you can.

04/28/2018 - Volume II is being worked on - ETA Oct/Nov 2018

Not to break an informal tradition - expect this to be released Oct-Nov this year, subject to AAPL being nice and releasing their Darwin 18 sources early like last time (and please, with ARM64 again ;-) . Why? Because it doesn't make sense to publish a book about the kernel, which is the most important component of the system and the one most affected by Darwin versioning, only to have a new OS come out a few months later.

Watch this space for more news. Volume II is still in its infancy, but is shaping up to be the biggest and best-est of the trilogy! Topics covered include:

Loads of examples will be given using Xnoop, my kernel inspection tool (which will also be released officially by @Technologeeks , hopefully sooner than the book is published

It's not too late to submit requests via the website forum!

Oh, and - When Vol II will be out, I will also be doing the limited edition COLOR HARDCOVER edition. Stay tuned for that.

11/22/2017 - Volume I goes on sale - just in time for Black Friday!

Yes, I know, longer than expected. I have a life and other things to take care of. But - at least when I say a book is coming you know it'll be there within a 1-3 month standard deviation, eh? :-)


09/28/2017 - Volume I Status Update


Apple is mutating 10.13 in between betas (and people are already bugging me for "if I buy it, will I get updates") that I have decided to wait till End of September for the official release of Volume I - Just like I did last year with Volume III.

Procrastination is the devil's gift - and I got another gift from AAPL today. For whatever reason, which baffles my mortal mind, Apple put out the sources of XNU-4570, libdispatch, dyld, libpthread, Security.framework and a bunch of other goodies - early. What's really amazing is that I was getting ready to submit the very first batch of MOXiI Volume I for next week!

Well, it ain't happening

I now ABSOLUTELY MUST push back by a few weeks, to incorporate refs to the sources (esp. DYLD) and specific constant names that I had reversed but didn't know the "official" name of until now. This is a necessary evil, because otherwise I'd be putting out a v1.1 a week later.

NO, THIS IS NOT AN EXCUSE FOR AN INDEFINITE PUSHBACK. NEW DATE is 2nd or 3rd week of October. I may be slow, but I try to be thorough. And when I say a book is coming out, it's coming out (within a reasonable margin of error - Android notwithstanding). So - MOXiI Vol 1 is coming out, at 450+ pages, a few weeks later, yeah, but it's going to be even better than I had hoped. This does screw my plans to officially launch the book at MacSysAdmin, which is a conference I really like, and bring their amazing organizer a signed copy :-( Sorry Tycho.. (next year? ;-)

Other good news:

So stay tuned. And yes, it's coming out. And a mighty mighty thanks to Apple for this, even if I can't begin to fathom the reasoning behind it

Long version

I'm finally in the process of getting Volume I finalized and ready for printing! It's just as hefty as Volume III was (i.e. ~400 pages).

09/27/2016 - Volume III is OUT


Volume III is out - you can get it directly here when orders open next week, or just preorder and buy through Amazon

  • Why was this delayed? you promised Late August! Yeah, well, what can I do. I was really hoping to get my hands on a sample of Pegasus/Trident so I could also add it to the book. All entities in possession of this sample were very promising, but didn't really deliver. And I can't hold back anymore now that Mac OS 12/iOS 10 is out!
  • So how do we get the book? Direct ordering via this website will be available soon, but you can also get preorders via Amazon
  • Why not direct orders through this website now??? Because I still need to print stock. I'll open this up when I have more - just so you get the idea I have preorders in the (low) hundreds. I'm doing my best. I'm just one guy here!
  • What if I preordered through the website already? Then you get preference, of course. I'll be reaching out to you to ask you if you haven't changed your mind, and if so ask for a humble payment.
  • Can I see what's in the book? sure. In a nutshell, everything related to security in Apple's OSes - both MacOS and the *OS variants, of course. Part I deals with the mechanisms (Authentication, Authorization, Auditing, MACF, Code Signing, Gatekeeper, AMFI, SIP, Sandboxing, Privacy and Data Protection), and Part II deals with all modern jailbreaks from evasi0n 6 to Pangu's 9.1, as well as classic vulnerablities for [10.]10.x and [10.]11.x, some of which are explained in detail for the very first time! Oh, yeah, and there's an appendix with a MacOS Hardening checklist, too
  • No, really, like detailed what's in the book? - Sure. The detailed ToC is right here.
  • Where can I comment/flame/ask questions? - Same place as usual - The NewOSXBook forum. I welcome all suggestions and queries in The Book's Forum, anytime. My only request is that you post there (anonymously is fine), rather than email or twitter, please.
  • Wait, what's this "print" thing - What, no e-Book?!?!?! Nope. Not for a while. Sorry
  • When's Volume I and II coming? Soon. Volume III started as one chapter in Volume I.. just so you get the level of detail we're talking about here. Volume I (user space) will be next, then Volume II (kernel/hardware). But I also owe a debt to Android enthusiasts first, which I intend to repay with interest.
  • When's the next instance of your MOXiI training? - That's The Tg Training in NYC this 10/31!.