volume III is coming!

Comments about the book, Requests for content to be covered in the 2nd Edition? Post them here!

volume III is coming!

Postby morpheus » Tue Jul 05, 2016 4:27 am

So, after too long a time, I've good news!

(I would've posted this a lot sooner but newosxbook.com has now obtained the dubious honor of being filtered by the great Chinese firewall)

Volume III of the former MOXiI, now *OSI, is just about *ready* for release! I'm expecting it Late August, and unlike other "guesstimates" which required me to assess my pace of research and writing, this book is actually *done*, so I can and will commit to that date! I have officially announced this at Pangu's great MOSec 2016 conference, which was an honor to attend and speak in!

Now, about the book:


I had originally planned for two volumes, I know, but when I started writing the security chapter (from Volume I's ToC) it just kept on expanding and expanding. By the time I was at 100 pages, it struck me that this would best be served by its own book, and thus Volume III was born! Literally every single security and mitigation technology employed by AAPL could easily fill its own chapter - and now it does. Over a dozen chapters, I explore Authentication, Authorization, Auditing, The Mandatory Access Control Framework, Code Signing, that despicable AMFI, Sandboxing, SIP, Privacy (TCC), iOS's secure boot chain, and encryption - both filesystem (MacOS' FileVault) and iOS's cprotect!

But not only that! I realized that I could collect my detailed-yet-partial writeups of TaiG, and start back at evasi0n 6 - the first "modern" jailbreak, and provide an in-depth step-by-step walkthrough of all jailbreaks since then, including, for each jailbreak, an explanation and pinpointing of the bug, down to the line of code, where available! Every jailbreak gets its own chapter, and I will be making the binaries available on the companion website so you can follow my disassembly and reversing! And btw, I also covered some "classic" OS X vulnerabilities - rootpipe, DYLD_ROOT_PATH, DYLD_PRINT_TO_FILE and others from as far down as 10.11.3.

So the book is now in two parts with the first emphasizing the defensive techniques, and the second the exploitation. Fear not - both parts are sold together in one large size volume of 300+ pages (and those are A4 pages, like my Android Internals, meaning in "old" MOXiI pages it's likely close to double.

The book will be out late August, though I'm guessing I'll provide an early release in TG's MOXiI course (San Francisco Adagio, 8/8) - http://technologeeks.com/OSXRE . I want to emphasize - this book is pretty much done (still needs a cover, though), I'm just polishing a few things, waiting for reviews from my expert team to come through. And I'm thinking of taking a couple of hard copies with me to HITB GSEC (.sg, 8/25), so shoot me an email or in-forum message if you know you're going to attend!


    -Initially, the book will be available in hard copy only. Anyone on the pre-order list will be automatically notified when the first batch prints! Edit: eBook plans are delayed at this point due to some challenges, so it might be a while.
    - Volume I will be done by end of the year, (Edit: Late-Nov/Dec, probably?) and will naturally reflect iOS 10 and OS X 10.12. The main reason for its delay was Volume III blowing up, and now all I need to get past is Android Internals Volume II, which will be out of my hands when N releases, leaving me free to conclude this trilogy. Expect unprecedented detail of XPC, launchd, DYLD, Objective-C, Swift, and an exploration of private APIs that have seldom been seen outside Apple's campus.
    - Volume II will be done shortly after, though I will need to wait till AAPL publishes XNU 3705's sources first. Realistically, Feb 2017 (*gulp*)
    - Pricing: $60 (b/w, hard copy) - a bit more expensive than my http://NewAndroidBook.com/ - because it's really costly to print 300+ pages, people. But I promise you - it will be worth every cent.[/b]
    - There *MIGHT* be a color edition at closer to $100 - because illustrations really look great in full color. Let me know if you think you'd like that.[/b]
    - BTC option available at 0.1 BTC, if you want to offload some BTC when the currency is high :-)

I'll publish a full ToC (not just the highlights at a glance from https://twitter.com/Morpheus______/stat ... 4934060032) - soon.

Please use this thread for any questions, if you have them! I'll also keep revising this post and add any Qs I get as bullets.
morpheus
Site Admin
 
Posts: 532
Joined: Thu Apr 11, 2013 6:24 pm

Re: volume III is coming!

Postby Siguza » Tue Jul 05, 2016 9:19 am

\o/

Definitely interested in the color edition! :)


-- Good to know; But I'm not sure I'll go to the endeavor for just a copy or two. Anyone else interested? Btw, higher price is not for a margin - it's because color printing costs are just way expensive. (J)
User avatar
Siguza
Unicorn
 
Posts: 159
Joined: Thu Jan 28, 2016 10:38 am

Re: volume III is coming!

Postby vega01 » Tue Jul 05, 2016 4:02 pm

What about an e-book version?


-- Answered (J)
vega01
 
Posts: 19
Joined: Mon Sep 28, 2015 4:59 pm

Re: volume III is coming!

Postby NJJN » Wed Jul 06, 2016 5:01 am

Would prefer eBook. So will wait till its released.

-- No plans for eBook at the moment. (J)
NJJN
 
Posts: 9
Joined: Sat Feb 27, 2016 12:09 pm

Re: volume III is coming!

Postby empcesar » Wed Jul 06, 2016 3:31 pm

How do I verify if I'm on the waiting list?

I'd buy ebook and color copy :D

Edit: You're on the list (J)
empcesar
 
Posts: 2
Joined: Fri May 15, 2015 2:49 pm

Re: volume III is coming!

Postby halprin » Tue Jul 19, 2016 4:14 pm

Totally willing to go for the color version!

-- you're on the list (J)
User avatar
halprin
 
Posts: 4
Joined: Wed Jun 10, 2015 4:49 pm

Re: volume III is coming!

Postby maxhal » Thu Aug 25, 2016 2:12 pm

I'm interested in the color edition. How to preorder? Thx


-- You're on the list (J)
maxhal
 

Re: volume III is coming!

Postby pvieito » Fri Aug 26, 2016 3:03 pm

I sent an email to preorder@, is all I have to do to be on the list? And about the new Trident/Pegasus exploits, will they become a new chapter?
pvieito
 

Re: volume III is coming!

Postby Siguza » Fri Aug 26, 2016 6:02 pm

pvieito wrote:And about the new Trident/Pegasus exploits, will they become a new chapter?


=> https://twitter.com/Morpheus______/stat ... 9323536385
User avatar
Siguza
Unicorn
 
Posts: 159
Joined: Thu Jan 28, 2016 10:38 am

Re: volume III is coming!

Postby Siguza » Tue Sep 06, 2016 6:56 pm

So... is the book actually out now, or not?
User avatar
Siguza
Unicorn
 
Posts: 159
Joined: Thu Jan 28, 2016 10:38 am

Next

Return to *OS Internals - 2nd Edition

Who is online

Users browsing this forum: No registered users and 3 guests