Software Flashcards
ASIF
Sparse format
Delta layers
Plugin for Amber
AMBER
Apple Modular Block Device Library
AEBD
Apple Encrypted Block Device
KNOX
Asset database
Fast and secure storage
NBD
Network block device
FileVault
Storage encryption with volume key (class C protection on ASM)
Data Protection
File Encryption
Data Vault
Restrict access to the data of an app from all other requesting apps
Sandbox access controls
Restrict what data an app can access
GCD: definition and description
Grand central dispatch
Execute code concurrently on multicore hardware by submitting work to dispatch queues managed by the system
Forward secrecy
Ensures session keys will not be compromised even if long term secrets used in the session key exchange are compromised
ARV
Authenticated root volume
Evil Maid Attack
An attack on an unattended device, in which an attacker alters it in some undetectable way so that they can later access the device, or the data on it.
ABD: description
File format for external customers that supports AMBER-like functions
ACS
Apple Cloud Service
DT: definition and two goals
Developer Tools
Planning to use virtual machines to test different OS and Xcode versions
Replace the Xcode simulator
MacStadium
Build and run with macOS in the cloud
Journaling file system
Keep track of uncommitted changes in a data structure to avoid data corruption
CAS
Build server
What are the two ways to find build records?
xbs buildrecords
knox download/extract build-record
New train names
Luck iOS
Cheer macOS
Napili watch
Charisma tv
Wonder Xcode
Discovery vision
Libkrun
Rust-based virtual machine monitor that links directly to the Hypervisor framework
OrbStack
Run Docker containers and Linux on a macOS VM
Accelerate framework
Perform large-scale mathematical computations and image calculations using SME and AMX
Gray matter
Apple intelligence
Networking: ESP: define, who, what
Encapsulating security payload
Member of IPSec set of protocols
Encrypt and authenticate the data packets between computers using a VPN
VMNet
Apple framework for virtual machines to read and write packets
Stolen time
Time during which a guest is ready to run but is not scheduled
Network link conditioner
Xcode tool to control bandwidth, latency and packet loss
VZVirtioSocketDevice
A device that manages port-based connections between guest and host
Four trap controls for performance monitors
ARM PMU register
CPMU, UPMU and CLPC registers
How CPMU registers are partitioned
Guarded vs unguarded
Host vs guest
Two functions of PMCR0_EL1
Enabling CPMU counters
Configuring overflow interrupts
Apple framework
A bundled shared library (dylib), which contains code and miscellaneous files
libSystem: 3 facts
Darwin’s most essential library
Services provided by the lowest level of the C runtime
Wrappers over kernel functions
NMOS
Next mainline OS
Linux namespace
Partition kernel resources such that one set of processes sees one set of resources, while another set of processes sees a different set of resources
VirtioFS: 3 facts
Uses the FUSE protocol, funnels requests through shared memory, and handles them on macOS
Recap
API and CLI to synthetically play back events or gestures on a device
Virtio Net: what, how, who
Paravirtualized network device
Use shared memory for data transmission
Adopted in Linux and other operating systems
Impacts of entitlements on VM ISA
security.hypervisor: allows generic ISA
private.hypervisor.apple: allows Apple ISA
private.hypervisor: allows Apple ISA at least, but also internal ISA for development kernels, AppleInternal, and research guests
Darwin’s four kernel interfaces
System calls
Mach traps
Machine dependent calls (machdep)
Comm page
ACPI: definition, info, code, management
Advanced configuration and power interface
Description of a computer’s configuration and its various components
Associate drivers with their system peripherals
Platform interfaces for power and system management
PSCI: definition and four management functions
Power state coordination interface
Core idle management
Dynamic addition and removal of cores
Secondary core boot
System shutdown and reset
SMCCC: 4 things being defined
Defines a common calling mechanism to be used with SMC and HVC
Defines how registers are used to pass parameters and results
Defines service types
Defines Arm architectural calls
NAT: definition and description
Network address translation
Map one address space to another by modifying address information in the IP header in transit across a routing device or virtual machine monitor
TAP in Linux: definition, what, vm, why
Terminal access point
Network device mode that allows the creation of a virtual network interface
Serves as a network backend for virtual machines
More performant and capable than SLIRP (user networking)
CentOS: one liner
Linux distribution derived from Red Hat Enterprise Linux
Three VMware scheduling constraints
Shares
Reservation
Limit
Two ways to add expiring workarounds
_CFAppVersionCheckLessThan
dyld_program_sdk_at_least
Names of 1000 bytes raised to the powers 1 to 5
Kilobytes, megabytes, gigabytes, terabytes, petabytes
Names of 1024 bytes raised to the powers 1 to 5
Kibibytes, mebibytes, gibibytes, tebibytes, pebibytes
PCIe BAR: what, where and how many
Describe a memory region the CPU accesses to interact with a PCIe device
Defined in configuration space
Each device has 8 functions, and each has 6 BARs
Kali Linux
Debian-based Linux distribution geared toward information security tasks
P2V: definition and description
Physical to virtual
Migration of physical machines to virtual machines
Libkern
C++ runtime environment in XNU
IOKit: what, find, interface, support
Object-oriented kernel drivers
A driver is looked up through the IORegistry
Driver properties are provided in IOUserClient
Kernel APIs