Once upon a time, when the COVID was upon us, I retreated into my lab to write a book on the history of computing. I was fortunate, privileged, and delighted to get the chance to interview some of the people who built the foundational technologies that power our digital lives. People who invented the first data packets, installed the first nodes on the internet, developed the first search engines, and founders of companies that have become household names. Many from the history of computing began their careers as academics. Their original research was published as they pursued their PhDs. I started to notice some trends. A few notable ones caught…
-
Make The Keychain Work When Compiling Your Own NoMAD
Yesterday, I wrote up how to compile your own version of an open source Xcode app and used NoMAD as an example, for those who didn’t want to use the precompiled application bundle. Many software packages have permissions to do various tasks. NoMAD interacts with the keychain, so will have to use a TeamID, or to expand the term, the Team Identifier Prefix. This means the new version won’t be able to access keychain items created by previous versions of NoMAD, which use the creator’s prefix (I didn’t reference Joel as “the Creator” – but “a creator” to be clear). Ergo, this article is really just for helping those…
-
Quick And Dirty Guide To Compiling Your Own Version Of An Open Source Xcode Project For Testing
There are plenty of apps out there that can be beneficial to an organization, but don’t really make sense to live on an app store. This might be because the app uses private APIs, breaks acceptable design patterns, needs to be customized for every use case, is just proof of concept code, etc, etc, etc. Anyone with an Apple Developer certificate can compile an app to test it on their local machine. We can go into more detail later for people that want to then distribute/re-distribute those apps… To get started, first we’ll clone the project to our local machine. To do so, in GitHub or GitLab or wherever it…
-
Test A Fork Of NoMAD Maybe?
tldr: here’s a slightly modernized fork of NoMAD that needs a little testing: https://gitlab.com/krypted1/nomad2 Been working on a fork of NoMAD that will hopefully just modernize code and get merged back in. In general, the changes shouldn’t be noticed with a big exception, it’s a breaking change for machines that run an operating system older than Catalina. Apple changes APIs and so we have the option to either introduce a breaking change or make the code really complicated by retaining existing code or moving to new APIs. So this version starts to transition away from UIKit and towards SwiftUI. It also removes Carthage in favor of Swift Package Manager.…
-
Use ChatGPT to Analyze macOS Logs for Anomaly Detection
tldr: Posted this anomaly detector that uses ChatGPT at https://github.com/krypted/Lightweight-GPT-Log-Anomaly-Detector. Can be used untrained or with lightly trained troves of macOS system logs. Tweak to your delight…
Use
A number of options may need to be run in a given environment. To do so, use the following:
Create a virtual environment:
    python3.6 -m virtualenv venv
Activate the virtual environment:
    source venv/bin/activate
Install the requirements:
    pip install -r requirements.txt
Create the log file:
    sudo log show --last 10m > log-info-10m.txt
Run the script log-analysis.py to parse log file and generate anomalous logs. Example usage:
    python log-analysis.py --log_filename log-info-10m.txt
    python log-analysis.py --log_filename log-info-10m.txt --use_error_keywords True --score_threshold 0.5
    python log-analysis.py --log_filename log-info-10m.txt --use_error_keywords…
-
Base64 Encoding and Decoding
I received a piece of malware today and as one will do, I of course opened it up on my test machine. Like with a lot of phishing-types of emails, it was really just trying to get at a password (in this case it was a fake Office365 login). One thing that jumped out at me was that the payload was a bunch of base64 encoded blobs. The machine was offline, so I couldn’t use one of the many online decoders to see what it was doing. Thus, time to bust out the old openssl and base64 commands. Let’s start with a quick example of encoding a string object into…
-
Get a list of Google Chrome extensions on a Mac (and more on what’s in the manifest.json)
A common task for those who manage devices is trying to get a list of things installed on a computer. Plenty of the things are apps. But increasingly there are extensions in apps that expand the functionality of those apps. This is nowhere more true than in web browsers, where it’s possible to intercept endpoints and manipulate text on the screen. Google Chrome stores extensions in /Users/<username>/Library/Application\ Support/Google/Chrome/Default/Extensions. To see a list of all of the extensions in Google Chrome, the following find command can parse through the directory, read the manifest.json, and find the name field. It’s quoted such that it will skip those that also have short_name defined…
-
New Version of Extensions Manager
Just uploaded a new version of Extensions Manager to GitHub at https://github.com/krypted/extensionsmanager. Now it has a search function and can sort by column. These make it much quicker to find potential extension conflicts. Uploaded the Xcode project and the compiled binary to just download and run it.
-
The Return Of Extensions Manager
Just posted a graphical interface to see what extensions are running on Macs, the version of extension, what type of extension each is, the status, path, and SDK. This is a rebirth of the slick Extensions Manager of old. It’s less cool like that as it doesn’t yet allow for extensions management – but should once the logic is worked out (or an API is provided for these types of system-wide tasks rather than just for the app that instantiated the extension). To download Extensions Manager, click https://github.com/krypted/extensionsmanager/raw/main/Extension%20Manager%20Executable.zip or to access the source for it and the CLI version, visit https://github.com/krypted/extensionsmanager. The tool is similar in nature to the early…
-
Extensions Manager Swift Project for macOS
Extension Manager was an important app for those who managed Macs in the System 8 and System 9 era. It allowed us to see all of the extensions loaded in the classic OS and disable them. It was also easy to take extensions and move them to the desktop for troubleshooting. In the years since Apple began to pick apart what developers used kernel extensions to do, the type of extensions and how we use them has left us with a few different tools to comb through to see what extensions are on a system and what they do. Thus, let’s bring Extension Manager back (ish). Let’s start with a…