One recent security flaw in Apple’s Mac OS platform that gained some press recently was the Rootpipe vulnerability, where security researcher Emil Kvarnhammer found a method of hacking a Mac that could bypass OS X’s security and allow the hacker to gain full administrative control of the system. This issue, which took advantage of faulty entitlements for XPC processes (small tools launched on the behalf of an application to take on workloads and spread the risk of a crash from affecting the main application), allowed a developer to break the sandboxing rules in OS X. Continue reading →