I overlaid two contiguous files and two reserved storage ranges onto up to five GPT partitions, to allow a non-partition-supporting operating system to coexist with EFI and its required GPT partitioning, and with the two files placed atop the boot and maintenance partitions.

#UglyHack #openvms https://infosec.exchange/@postmodern/114679619465262045

With macOS and app sandboxing, and (a lack of) full disk access for Terminal app (and the defaults command), and Hilarity Ensues…

…or…

How the security-related pieces of macOS can sometimes fit together in unexpected and unhelpful ways:

https://lapcatsoftware.com/articles/containers.html

This particular case for Safari browser, but most any sandboxed app will follow this pattern.

#macos #safari #security #fulldiskaccess #plist #sandbox

The advent of Apple Intelligence has greatly improved the creative-corruption capabilities of “predictive” text.

I’m having to watch for wholesale changes in what was typed.

While auto-corrupt and predictive text usually works and usually fixes typos, sometimes the text (due to LLM hallucinations?) can be entirely unexpected.

Probably time for some sites to add firewall rules that trigger a log or an alert for any attempts to access the Java and Oracle domains.

These rules to detect and report any rogue installs.

What sorts of rogue installs can exist?

One of the local Java dependencies had been the (now long replaced) Zyxel firewall.

The firewall web UI used Java to generate a display of the port status. (AKA: hunting flies with anvils.)
https://cyberplace.social/@WiteWulf/114675966630825304