nondetection

The Mac didn't seem like much of an operating system to attack for a while. Then it did. Apple reacted with great strides to further protect Macs, compartmentalizing all the things along the way. The attack surface moved. Let's talk about why developers don't always get to have nice things and dig into the extensibility of apps and browsers a little.

This conversation begins with a look at how modern app toolchains work on the platform now that it is sandboxed. Compartmentalized apps don't use older dylibs or kernel extensions. Instead, they use app, system, network, driver, or browser extensions (sometimes these categories overlap or can communicate with one another). For example, it's common for a password manager to use Apple's AutoFill extension plus a browser plug-in/extension (or four), and for that extension to hold entitlements that let it access other apps. Word salad jargon unpacked:

Systems administrators often focus on apps and configuration settings to enforce a given security posture. Extensions are a part of apps, but can be accessed by other apps. The fact that apps consume extensions, instantiate extensions, or hold data that can be deep-linked into makes extensions a common blind spot in the modern device management toolchain for most organizations. Packages are pulled into every programming language and are necessary both to provide a consistent experience and to keep developers from having to build from scratch every little thing they want to put into an app. This page is meant to provide an overview of a set of projects developed to research the abilities, workarounds, and dangers of extensions.
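One way to start closing that blind spot is to inventory what an installed app actually plugs into. The script below is an added example, not code from the original page or from the projects it describes: each .appex declares its extension point through the NSExtension/NSExtensionPointIdentifier key in its Info.plist, and system extensions ship separately under Contents/Library/SystemExtensions, so walking an app bundle for both and mapping the identifiers onto the categories named above gives a device-management view of the extension surface. The identifier table is a small subset of Apple's extension points, and the sample Info.plist is constructed.

```python
"""Inventory the extensions an app bundle ships, keyed by extension point (added example)."""
import plistlib
from pathlib import Path

# NSExtensionPointIdentifier values mapped onto the categories the text names.
# Subset only; any identifier not listed here is reported as "unclassified".
EXTENSION_POINTS = {
    "com.apple.authentication-services-credential-provider-ui": "app (AutoFill credential provider)",
    "com.apple.share-services": "app (share sheet)",
    "com.apple.Safari.web-extension": "browser (Safari web extension)",
    "com.apple.Safari.content-blocker": "browser (Safari content blocker)",
    "com.apple.networkextension.packet-tunnel": "network (packet tunnel provider)",
    "com.apple.networkextension.filter-data": "network (content filter provider)",
    "com.apple.systemextension.endpoint-security": "system (Endpoint Security client)",
    "com.apple.dext": "driver (DriverKit)",
}


def classify(info_plist: dict) -> dict:
    """Summarise one extension bundle's parsed Info.plist dictionary."""
    point = info_plist.get("NSExtension", {}).get("NSExtensionPointIdentifier", "")
    return {
        "bundle_id": info_plist.get("CFBundleIdentifier", "<missing CFBundleIdentifier>"),
        "extension_point": point or "<no NSExtension key>",
        "category": EXTENSION_POINTS.get(point, "unclassified"),
    }


def classify_bytes(data: bytes) -> dict:
    """Same as classify(), but from raw Info.plist bytes (XML or binary plist)."""
    return classify(plistlib.loads(data))


def inventory_app(app_path) -> list:
    """One classify() record per .appex or .systemextension found inside the app bundle."""
    app_path = Path(app_path)
    plugins = (app_path / "Contents" / "PlugIns").glob("*.appex/Contents/Info.plist")
    sysexts = (app_path / "Contents" / "Library" / "SystemExtensions").glob(
        "*.systemextension/Contents/Info.plist")
    records = []
    for info in sorted([*plugins, *sysexts]):  # missing directories simply yield nothing
        with info.open("rb") as fh:
            records.append(classify(plistlib.load(fh)))
    return records


# Constructed sample: a minimal Info.plist like the one a password manager's
# AutoFill extension would carry (hypothetical bundle id, not a real product).
SAMPLE_INFO_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>CFBundleIdentifier</key><string>com.example.vault.autofill</string>
  <key>NSExtension</key><dict>
    <key>NSExtensionPointIdentifier</key>
    <string>com.apple.authentication-services-credential-provider-ui</string>
  </dict>
</dict></plist>"""
```

Run `inventory_app("/Applications/SomeApp.app")` on a Mac to list what a real bundle plugs into; an "unclassified" category means the extension point is not in the table and deserves a manual look.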