MOXiI 2nd Edition Status Update Page
12/15/2018 - Wrapping things up (but..)
Sources are (finally) out. That's great as I'll include the Zone Cache, Turnstiles, Priority Queues and other goodies from the sources (as well others which were redacted by AAPL..). That said, there's holidays ahead and a much needed vacation I had hoped would be also to celebrate the completion of the books. So right now expect Volume II mid-late January 2019. Yeah, I know you're waiting (And I appreciate that) - but please understand there's this little thing called real life, too :-) Volume II is absolutely going to be worth the wait, and I expect it to be the definitive XNU kernel reference for many years to come.
11/21/2018 - Waiting on AAPL
So, it's been a while. To be honest I thought I'd be keeping with tradtion and releasing late October/putting the book out on Black Friday (like last year). Thanks to AAPL shuffling their feet with XNU sources, this won't happen. More than before, I need the latest XNU source since, after all, this IS the volume dealing with the kernel.. I have a ton of illustrations showing the exact kernel structures and their offsets - and so I have to make sure I'm up to date and have the right field names (which are lost during compilation). Assuming AAPL holds to their informal promise of "the week after Thanksgiving", expect the book by Christmas..
In other news, I realized that some stuff I've been pushing to Volume II - notably, networking - has so much user mode stuff in it that it would have been better in Volume I. The network stack implementation still will be in II, but the user mode syscalls,
BPF, Firewalling/ALF.kext and such are now in their own chapter in Volume I. Yes, that means an update to Volume I, but keeping with another tradition of publishing free chapters, expect that chapter (Volume I's 16th) to be available as a PDF. Keep an eye out on the Change Log for when it comes out.
Buying the books in BTC hasn't looked so attractive in years.. But I'm not sure I want to risk it myself anymore..
08/24/2018 - I'm alive and well, Volume II is still on track, Oct/Nov 2018
LOTS of additions to original ToC, describing under-the-hood Darwin 18 changes - but still on track.
New BTC price for every one of the trilogy: 0.025BTC. Get 'em while you can.
04/28/2018 - Volume II is being worked on - ETA Oct/Nov 2018
Not to break an informal tradition - expect this to be released Oct-Nov this year, subject to AAPL being nice and releasing their Darwin 18 sources early like last time (and please, with ARM64 again ;-) . Why? Because it doesn't make sense to publish a book about the kernel, which is the most important component of the system and the one most affected by Darwin versioning, only to have a new OS come out a few months later.
Watch this space for more news. Volume II is still in its infancy, but is shaping up to be the biggest and best-est of the trilogy! Topics covered include:
- Extensive discussion of ARM64 with source code examples (now that it's open source)
- Detailed illustrations of EFI, iBoot *and* whatever you want to call what drives SEP.
- Lots of XNU stuff which was never covered in the 1st ed since it was added way later - thread level QoS, more schedulers, compressed memory, ledgers, vouchers, etc.
- Specific coverage of VFS including a basic filesystem implementation
- Everything you could ever possibly want to know about kernel memory management - vm_map, pmap and zones (there's no "heap" in kernel mode, folks).
- Detailed coverage of pexpert, IOKit, selected reversed kexts
- APFS internals (no thanks to AAPL for not releasing the spec TWO YEARS LATER...)
Loads of examples will be given using Xnoop, my kernel inspection tool (which will also be released officially by @Technologeeks , hopefully sooner than the book is published
It's not too late to submit requests via the website forum!
Oh, and - When Vol II will be out, I will also be doing the limited edition COLOR HARDCOVER edition. Stay tuned for that.
11/22/2017 - Volume I goes on sale - just in time for Black Friday!
Yes, I know, longer than expected. I have a life and other things to take care of. But - at least when I say a book is coming you know it'll be there within a 1-3 month standard deviation, eh? :-)
- The book goes on sale effective NOW, through the link that's on the main page of the website. For the lazy, that will be: THIS LINK RIGHT HERE. The first 50 copies will ship early december. The printing press I use is "swamped for the holidays". So when/if you order I'll acknowledge it via AMZN, and then send you the book a short while later, when I get the books myself.
- Why the link? Because AMZN has this referral program, and if I refer to my own book, they will refund me some of their really exorbitant fees. A lot of people asked how they can make sure I get more money for my work (and I thank them for it) - This is really the only way, since I banned Paypal...
- The price of BTC is skyrocketing, so I doubt anyone would like to pay the 0.05BTC (reduced from the initial 0.15BTC), because that amounts to $409. Still, if you got into the BTC craze early, and don't mind, the wallet is 1CAkXz8wzEHSVMEhSZFWJWRLvWhvYpjYPv and I would totally appreciate it :-)
- I'm experimenting with Apple Pay as a method of payment . Mac@Hisown.com , if you feel like trying. Just let me know first
- Thank you so much for being patient with this. Volume I was even harder than Volume III, because it didn't have such clear boundaries. Ended up blowing past 500 pages, even though I was really aiming for 400..
09/28/2017 - Volume I Status Update
Apple is mutating 10.13 in between betas (and people are already bugging me for "if I buy it, will I get updates") that I have decided to wait till End of September for the official release of Volume I - Just like I did last year with Volume III.
Procrastination is the devil's gift - and I got another gift from AAPL today. For whatever reason, which baffles my mortal mind, Apple put out the sources of XNU-4570, libdispatch, dyld, libpthread, Security.framework and a bunch of other goodies - early. What's really amazing is that I was getting ready to submit the very first batch of MOXiI Volume I for next week!
Well, it ain't happening
I now ABSOLUTELY MUST push back by a few weeks, to incorporate refs to the sources (esp. DYLD) and specific constant names that I had reversed but didn't know the "official" name of until now. This is a necessary evil, because otherwise I'd be putting out a v1.1 a week later.
NO, THIS IS NOT AN EXCUSE FOR AN INDEFINITE PUSHBACK. NEW DATE is 2nd or 3rd week of October. I may be slow, but I try to be thorough. And when I say a book is coming out, it's coming out (within a reasonable margin of error - Android notwithstanding). So - MOXiI Vol 1 is coming out, at 450+ pages, a few weeks later, yeah, but it's going to be even better than I had hoped. This does screw my plans to officially launch the book at MacSysAdmin, which is a conference I really like, and bring their amazing organizer a signed copy :-( Sorry Tycho.. (next year? ;-)
Other good news:
- I'm pulling a long night to add a few other minor tweaks to Volume III (which is going to print tomorrow in a new batch for v1.4.2). Mostly just pointing from my analysis of KPP to the sources, Code signature 0x20400 and a couple of constants, and a discussion of KTRR (iPhone 7 and later AMCC).
- This will expedite Volume II (kernel) since I was bottlenecked on the XNU sources, which I now have.
- This will bring EVEN MORE DETAIL to Volume II, because AAPL [decided to/messed up and accidentally] release the sources for ARM64 - not just
CONFIG_EMBEDDED, which they hid as of 2050 - but the whole package, including the pexpert, KPP (MONITOR), KTRR (iPhone 7+) - some 30k lines of code with a lot of amazing stuff.
- The big surprise of Volume II was supposed to be my re-sourcing of XNU's arm64/ directories. That won't be necessary. You can get that straight from the source now. The day is nigh upon us when XNU will be runnable in even the lowliest of emulators or BeagleBoards..
- I'll be updating my ioS binpack soon for Darwin 17
- I'll be putting out a couple of other important open source packages Apple [forgot to/didn't mess up and accidentally] release today. (@launchderp, don't pull a Wilson Fisk on me ;-)
- Unrelated, but good - Android Volume II has a release date for January 2018, only two years behind schedule :-)
So stay tuned. And yes, it's coming out. And a mighty mighty thanks to Apple for this, even if I can't begin to fathom the reasoning behind it
I'm finally in the process of getting Volume I finalized and ready for printing! It's just as hefty as Volume III was (i.e. ~400 pages).
- wen eta
jailbreak b00k? 9/27/2017. 10/14 or 10/21/2017. Would make for interesting Yom Kippur reading :-)
- What?! Why not NOW NOW? Because this way I don't risk Apple changing something in between Tigris betas and the final. And see above.
- So how will we get the book? Direct ordering via this website will be available when it's ready - BTC only or Pay only - but you can also get it via Amazon. Price will be $75 - just like last one.
- BTC? Pay? Seriously? Why not Paypal? Because I avoid Paypal like the plague, seeing as they are an oppressive monopoly who could not care less about their users, subjecting them to ridiculous fees, holds, and other whimsical constraints without considering that their users are human beings (not to mention paying customers).
- Will there be a PDF edition? ABSOLUTELY NOT. Every time I reconsider this, one or another idiot comes up on Twitter and asked for a pirated copy, not noticing he's CCing me. It gets worse when said idiot extolls the virtues of pirating books, not realizing it devalues the insane work I put into the book. People have no respect.
- But $75 is a lot of money! True, it's not cheap. But then, considering that it costs about $20 to print, and AMZN takes their pound of flesh ($14 to be exact), that doesn't leave me with much.
- But I need to try before I buy! If the tons of free articles and tools I periodically provide can't convince you that the content is worth buying, don't buy it.
- If I buy this, will I get updates? Nope. It's a book, not a subscription. I do make the guarantee that, when you do buy it, you will get the most updated version available. That's more than any other publisher.
- But I want updates! Tough. I couldn't handle the logistics of subscriptions even they made sense.
- Can I see what's in the book? sure. In a nutshell, everything related to user mode - what my first edition covered in seven chapters, I now cover in a full book. Unlike the first edition, I delve into Apple's private frameworks, libraries, and offer FAR more detail than I did in the first edition.
- No, really, like detailed what's in the book? - Sure. The detailed ToC is right here.
- What about the hardcover, color edition? My printer gave me so much pain with the proof copy I decided that will wait for all three volumes. There's still the logistics of getting 1,500 glossy A4 pages into a hard cover, but if I can work that out, it will be T-O-T-A-L-L-Y worth it :-)
- Where can I comment/flame/ask questions? - Same place as usual - The NewOSXBook forum. I welcome all suggestions and queries in The Book's Forum, anytime. My only request is that you post there (anonymously is fine), rather than email or twitter, please.
- When's the next instance of your MOXiI training? - That's The Tg Training.
But I won't be doing any training at the very least until November. Or maybe not till 2018 . Another training is set for December 11th, 2017.
09/27/2016 - Volume III is OUT
Volume III is out - you can get it directly here when orders open next week, or just preorder and buy through Amazon
Why was this delayed? you promised Late August! Yeah, well, what can I do. I was really hoping to get my hands on a sample of Pegasus/Trident so I could also add it to the book. All entities in possession of this sample were very promising, but didn't really deliver. And I can't hold back anymore now that Mac OS 12/iOS 10 is out!
So how do we get the book? Direct ordering via this website will be available soon, but you can also get preorders via Amazon
Why not direct orders through this website now???
Because I still need to print stock. I'll open this up when I have more - just so you get the idea I have preorders in the (low) hundreds. I'm doing my best. I'm just one guy here!
What if I preordered through the website already? Then you get preference, of course. I'll be reaching out to you to ask you if you haven't changed your mind, and if so ask for a humble payment.
Can I see what's in the book? sure. In a nutshell, everything related to security in Apple's OSes - both MacOS and the *OS variants, of course. Part I deals with the mechanisms (Authentication, Authorization, Auditing, MACF, Code Signing, Gatekeeper, AMFI, SIP, Sandboxing, Privacy and Data Protection), and Part II deals with all modern jailbreaks from evasi0n 6 to Pangu's 9.1, as well as classic vulnerablities for [10.]10.x and [10.]11.x, some of which are explained in detail for the very first time! Oh, yeah, and there's an appendix with a MacOS Hardening checklist, too
No, really, like detailed what's in the book? - Sure. The detailed ToC is right here.
Where can I comment/flame/ask questions? - Same place as usual - The NewOSXBook forum. I welcome all suggestions and queries in The Book's Forum, anytime. My only request is that you post there (anonymously is fine), rather than email or twitter, please.
Wait, what's this "print" thing - What, no e-Book?!?!?! Nope. Not for a while. Sorry
When's Volume I and II coming? Soon. Volume III started as one chapter in Volume I.. just so you get the level of detail we're talking about here. Volume I (user space) will be next, then Volume II (kernel/hardware). But I also owe a debt to Android enthusiasts first, which I intend to repay with interest.
When's the next instance of your MOXiI training? - That's The Tg Training in NYC this 10/31!.