• Mac OS X

    Resolve Package Dependencies in NoMAD 2 with carthage

    Sometimes when we download an Xcode project, there are dependencies. Those that use swift packages might need to download the package (if it’s publicly available) or have it linked. Projects that use carthage (where the devs probably consider it a little tech debt to move to a new package management system) just need a quick carthage build. To do so, first install carthage, if it isn’t already installed. To do so, we can just use brew: brew install carthage Next, let’s cd into the root directory of the project (where below is ~/Documents/NoMAD2 and then run carthage with a bootstrap command: carthage bootstrap Subsequent updates might need a new build…

  • Uncategorized

    Apple Device Management Second Edition book now available for purchase from Amazon, Apple Books and Apress

    As usual, the wonderfully timely (yes, that was two adverbs in a row) Rich Trouton posted about our latest book, the second edition of Apple Device Management, finally shipping. Ironically we were talking about a day or two before about why the publication date got pushed back. But alas it didn’t. He also included where to get it for different ways people like to consume their content. To add to the conversation, it’s worth noting that some of the chapters were left barely touched. Others had new technologies, like SSOE added, and still others were largely rewritten. As compared to my first books on Mac OS X Tiger and on,…

  • Microsoft Exchange Server

    Block attachments with htm or html extensions and/or javascripts in Office365

    Spammers have been getting craftier with how they get through the bayesian and other heuristic filters many mail providers use to deliver only legitimate emails to recipients. One of the ways they do this is by encoding or encapsulating patterns into base64 or some other encoding mechanism. This allows the email client to render a message with text that would have been blocked by a spam filter as the filter usually can’t comprehend the encoded strings. These usually come down in the form of htm or html attachments where the email client effectively acts as a web viewer to render data to the screen. If we take a sample of…

  • Mac Security

    Base64 Encoding and Decoding

    I received a piece of malware today and as one will do, I of course opened it up on my test machine. Like with a lot of phishing-types of emails, it was really just trying to get at a password (in this case it was a fake Office365 login). One thing that jumped out at me was that the payload was a bunch of base64 encoded blobs. The machine was offline, so I couldn’t use one of the many online decoders to see what it was doing. Thus, time to bust out the old openssl and base64 commands. Let’s start with a quick example of encoding a string object into…

  • Mac Security

    Get a list of Google Chrome extensions on a Mac (and more on what’s in the manifest.json)

    A common task for those who manage devices is trying to get a list of things installed on a computer. Plenty of the things are apps. But increasingly there are extensions in apps that expand the functionality of those apps. This is nowhere more true than in web browsers, where it’s possible to intercept endpoints and manipulate text on the screen. Google Chrome stores extensions in /Users/<username>/Library/Application\ Support/Google/Chrome/Default/Extensions. To see a list of all of the extensions in Google Chrome, the following find command can parse through the directory, read the manifest.json, and find the name field. It’s quoted such that it will skip those that also have short_name defined…

  • WebAuthn and Passkeys

    Inspecting WebAuthn Traffic

    Just released v2 of a Chrome Extension that overrides the navigator.credentials.get and navigator.credentials.create endpoints to show the json that is sent and received from a webauthn transaction. The extension simply produces a dialog box that shows the json submitted to the appropriate endpoints on a server that supports Passkeys. It’s available as an unpacked Chrome extension at https://github.com/krypted/webauthn-inspector. The two primary attributes I was interested in exploring are “id” and “challenge”. Visit webauthn.info and change the “Advanced Settings” it’s easy to see how the other fields change as the settings change and compare these to sites (e.g. bestbuy.com) that have implemented some of the WebAuthn spec. In general, the id…

  • Mac OS X,  Mac Security

    New Version of Extensions Manager

    Just uploaded a new version of Extensions Manager to GitHub at https://github.com/krypted/extensionsmanager. Now it has a search function and can sort by column. These make it much quicker to find potential extension conflicts. Uploaded the Xcode project and the compiled binary to just download and run it.

  • Mac OS X,  Mac Security

    The Return Of Extensions Manager

    Just posted a graphical interface to see what extensions are running on Macs, the version of extension, what type of extension each is, the status, path, and SDK. This is a rebirth of the slick Extensions Manager of old. It’s less cool like that as it doesn’t yet allow for extensions management – but should once the logic is worked out (or an API is provided for these types of system-wide tasks rather than just for the app that instantiated the extension). To download Extensions Manager, click https://github.com/krypted/extensionsmanager/raw/main/Extension%20Manager%20Executable.zip or to access the source for it and the CLI version, visit https://github.com/krypted/extensionsmanager. The tool is similar in nature to the early…