Synthetically Breaking macOS.
The noted Mac security researcher Patrick Wardle recently stated, “In [macOS] Mojave, Apple blocks programmatically generated mouse clicks”. Turns out he was wrong.
In this talk, we’ll discuss an elegant way to exploit a subtle code-signing flaw in macOS, that allows unprivileged attackers or malware to programmatically interact with the UI. Armed with this powerful capability, we’ll illustrate how to trivially side-step Apple’s “anti-click” protections to generically bypass a myriad of Mojave’s foundational security mechanisms with a single (synthetic) click!
Patrick Wardle is the Chief Research Officer at Digita Security and founder of Objective-See. Having worked at NASA and the NSA, as well as presented at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy. Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware and writing free open-source security tools to protect Mac users.