May 2, 2020

Enabling LSFileQuarantineEnabled on CLI binaries

Last week, I looked at various security features offered by macOS, how they are enabled, and especially whether they can be enabled on binary files without creating .app bundles. Introduced in OS X 10.5, the quarantine is enabled with an extended attribute (xattr) flag added to downloaded files, assuming the downloading application respects this convention. The flag used by macOS is, and Gatekeeper relies on it to verify only files from untrusted origins.

September 12, 2018

Information leak in Minecraft 1.8

Minecraft is a survival game published by Mojang, owned by Microsoft. When you start playing, you don’t have anything and you must break blocks (“mine”), build structures and craft objects to progress. We usually call this genre “sandboxing game”, but ironically we can’t say the same when it comes to security.

