Speakers: Simon Carlson-Thies
Level: Intermediate, Lecture
Excerpt: A story about two bug discoveries that led me to a clearer picture about the inner workings of SecureTokens. SecureTokens have been characterized in various ways, but the predominant viewpoint seems to be that they are a pointer.That’s a good guess, given the lack of documentation, but I think a deeper look may reveal a better explanation.
Description: SecureTokens are rather a mystery due to the lack of documentation. Many argue that they are a pointer, but I haven’t been convinced. Two bugs in OS 10.13.6 opened the path to new discoveries about SecureTokens and to a more accurate understanding of what seems to be their actual purpose.
In this presentation, I’ll show how these bugs were discovered and have a bit of fun with some of the side-effects of those bugs. Then I’ll show how the bugs led me to reconsider how SecureTokens workcoming to a different conclusion than most have formed. I’ll conclude with a live demonstration of my claims about what SecureTokens are and how they work in the OS. With a better understanding of SecureTokens, I hope we can better troubleshoot problems; make better decisions in system administration, and maybe glean some clues about where Apple may be going with SecureToken and its future role in FileVault’s operation.
About the speaker
Simon Carlson-Thies (Twitter: @macxray2) – Macintosh SME – mPower
I am a long-time Macintosh consultant and System Administrator. I currently put my skills to work at NIH, providing Macintosh desktop support escalation and desktop engineering services via an IT contractor. In a previous life I spent a significant amount of time as a writer. One of my co-authored writings, on cryptography, was published in the NSA’s internal journal Cryptologic Quarterly (but you’ll need a security clearance to read it).