MacHack Paper Progress

Anyway, posting has been light because I've been working on my MacHack paper. As expected, it's diverging from the original outline. This is both a good thing and a bad thing.

The good thing is that I'm going into code-level detail about function overriding and code injection. Indeed, I've already written one package -- mach_override -- that will be distributed with the paper. The next package, mach_inject, is in the work queue. I code the package, and then I write that part of the paper. Helps ensure reality.

The bad thing is that I'm narrowing the scope of the paper. I won't be talking about App bundles/plugins, DYLD_INSERT_LIBRARIES, OAKeepAllocationStatistics or ptrace. I'm not too terribly broken up about not covering these topics, however. That's because, in my humble opinion, mach_override and mach_inject blow them away in terms of utility.

I let Allon Stern take a peek at mach_override. His comments:

Allon Stern: Assembly. I like it :)
Allon Stern: Machine code, actually.
Allon Stern: Gotta love it when your comments are the assembly :)

Okay, so there's a chunk of machine language in there. Trust me, it makes sense once you see it!

Tuesday, April 15, 2003
11:06 PM