I have published Snake & Apple VI.
It introduces the #Apple #Mobile #File #Integrity (AMFI) Kernel Extension, which protects against unsigned #code #injection #vulnerabilities on #macOS.
This #research results in some new #tools written in #Python, which, as usual, you will find in the repository. The most important is the #AMFI module for #CrimsonUroboros.
Enjoy reading! 👨‍💻
So, I just realized that #AltStore is advising people to turn off #AMFI and #SIP on #macOS #Sonoma (due to the removal of mail plugins).
THIS IS A BAD IDEA.
AMFI especially will break apps like Discord. Not to mention greatly reducing security.
This should not be recommended for users who do not understand the terminal and are blindly copy-pasting.
Also, for a solution that does work, AOSKit.framework does not require any entitlements, nor a mail plugin. I have no idea why no-one uses it. It even works in Python! (see https://github.com/JJTech0130/pypush/blob/0f2901a1095dd25bbe190cca0f636f151461496b/gsa.py#L37)
(I know no-one follows me, so this PSA probably won't have any effect... the woes of Mastodon)
cc @rileytestut