Page 1 of 6

Any Requests for a 2nd Edition of the book?

PostPosted: Wed Jul 02, 2014 1:26 pm
by morpheus
Hello Everyone,

1.5 years after the book has been out, many changes have been afoot. OS X has advanced by almost three operating system versions , with 10.10 and iOS 8 around the corner. Also, I've got some pretty constructive (and sometime less than constructive) feedback on more topics to cover.

The new book will follow in the general path of the Android book, meaning far less source code snippets, and lots more diagrams and illustrations, which will allow for more coverage of important topics.

So far, I have the following:

- The "Parts of the Process" (Chapter 4) will be split to deal with memory and threads separately, including:
- Detailed coverage of GCD, and Blocks
- Apple's NP Pthread extensions - this is especially important in light of 10.9 and 10.10 pthread.kext

- More coverage of iCloud internals, AirDrop and Apple Push Notifications

- A dedicated chapter for Objective-C, and Swift internals

- More on new Mach objects - ledgers, vouchers and coalitions (10.10)

- More on memory compression and memory pressure

- Kauth - a glaring omission from the file chapter

- VFS - internals. An amazon reviewer recently commented this is sorely needed. I agree.

- More on nstat (the foundation of the popular lsock program)

- Telemetry and Kperf APIs


Please post requests here - I'll be glad to accommodate

J

Re: Any Requests for a 2nd Edition of the book?

PostPosted: Wed Jul 02, 2014 6:41 pm
by WaitingFor2nd
How about iOS and Mac OS X application level permissions? More on entitlements, please!

Re: Any Requests for a 2nd Edition of the book?

PostPosted: Fri Jul 04, 2014 11:10 pm
by greatbook
How about more on firmware, encrypted disk, and some of the hardware integration. For example, I saw the excellent paper regarding iOS/OS X early random and I really liked how the paper showed how Apple knew some of the issues there...

Re: Any Requests for a 2nd Edition of the book?

PostPosted: Sat Jul 05, 2014 6:27 pm
by thankyou
More on launchd, please, especially the order of boot up, and how to , for example, enable networking from single user mode, etc. Thank you!

Re: Any Requests for a 2nd Edition of the book?

PostPosted: Sat Jul 19, 2014 5:17 pm
by yesplease
I'd love to see a few interludes for some of the larger tools you've put up, even if it were a few paragraphs on the overview, where you leveraged others' work, and then some debugging (so maybe <5 pages per). Even just a couple of those examples really help give some great insights into doing more research, experiments...

Re: Any Requests for a 2nd Edition of the book?

PostPosted: Fri Jul 25, 2014 8:21 pm
by MoreServices
More on the iOS services, especially in light of Zdziarski's presentation at HOPE and http://support.apple.com/kb/HT6331

Great book!

PostPosted: Sun Jul 27, 2014 12:03 am
by MaxBrein
My priority list:

1. More Mach-o internals (injecting new load commands, inspecting load commands like LC_ENCRYPTION_INFO etc)
2. More ways of function hooking\interposing
3. Swift runtime, swift function interposing
4. More tools :)

Re: Any Requests for a 2nd Edition of the book?

PostPosted: Wed Jul 30, 2014 3:20 pm
by morpheus
Thanks for the kind words and requests, everyone. I'm glad to report the 2nd Edition is now official. Expect it early 2015. All the above requests are taken into consideration - keep it coming! And if you have any ideas for more tools/features, feel free to share as well!

More soon!

Re: Any Requests for a 2nd Edition of the book?

PostPosted: Wed Jul 30, 2014 8:28 pm
by MaxBrein
Tools: Mach-o header editor(yes, I know it is lot of work and not realistic :)) or load commands injector
Feature: iOS8 LC_LOAD_DYLIB in depth, iOS7 way is not working anymore.

Re: Any Requests for a 2nd Edition of the book?

PostPosted: Sat Aug 02, 2014 7:13 pm
by name99
The first version of the book very much concentrated on how others might examine the internals of the system. That's fine --- it's your book and you can include what you like.
But speaking for myself, what I'd like to see a lot more of is inter-OS comparisons: discussions of "This is how OSX does it today, but they did it differently in this way up to 10.6; meanwhile Linux does it like this and NT does it like that". Basically much more discussion of WHY rather than just WHAT.