Docker-OSX

The Docker-OSX project has to be among one of the easiest ways to get a fully functional Hackintosh off the ground on any Linux or Windows (10+) system, with the Docker image handling the heavy lifting of keeping the copy of MacOS happy and satisfied, even as the legality remains questionable, as we previously reported on in 2021. Officially, Apple’s software license for MacOS states that it can only be installed and use on Apple-branded hardware, which precludes the installation in e.g. a Docker container. This has left Docker-OSX in a gray zone where it’s technically illegal, but as it’s being advertised by its developer [Sick Codes] to be for use by security researchers who participate in Apple’s Bug Bounty program (including iOS, which requires XCode, which requires MacOS, etc.), it seems to slip through the cracks.

An obvious issue which may soon spell the end of MacOS-on-x86_64 and with it this use of Docker-OSX is that MacOS is now straddling Apple Silicon and Intel’s x86_64 architecture, with the latter no longer being sold by Apple’s in any of its systems after the recent introduction of its Apple Silicon-based Mac Pro. Although MacOS Sonoma (14) still supports x86_64, this support could be cut in MacOS 15 or 16, at which point running Docker-OSX with an Apple Silicon-only MacOS image would at the very least require an AArch64-based ARM system, though likely with an ISA extension level that matches the lowest-end Apple Silicon (ARMv8.5-A for M1).

Although this should not make it impossible to run Docker-OSX on future Linux (and perhaps Windows) systems on AArch64-based systems, it would make it more complicated and expensive as using one’s existing x86_64-based PC is no longer an option aside from adding a sluggish Qemu layer in between, which would add a significant performance penalty. If you are using Docker-OSX, what are your experiences and plans here?

Continue reading “Easy Hackintosh With Docker-OSX: Soon To Be Impossible?” →

Google has been working on mitigations for the Spectre attack, and has made available a Proof of Concept that you can run in your browser right now. Spectre is one of the issues that kicked off the entire series of speculative execution vulnerabilities and fixes. What Google has demonstrated is that the Spectre attack can actually be pulled off in Javascript, right in the browser. Spectre is limited to reading memory allocated to the same process, and modern browsers have implemented measures like site isolation, which puts each site in a separate, sandboxed process.

These security features don’t mean that there is no practical dangers from Spectre. There are a handful of ways an attacker can run Javascript on another site, from something as simple as an interactive advertisement, to a cross-site scripting injection. Google has produced features and guidance to mitigate those dangers.

Via Bleeping Computer. Continue reading “This Week In Security: Spectre In The Browser, Be Careful What You Clone, And Hackintosh” →

Hackaday

2 Articles

Easy Hackintosh With Docker-OSX: Soon To Be Impossible?

This Week In Security: Spectre In The Browser, Be Careful What You Clone, And Hackintosh

Search

Never miss a hack

If you missed it

Mining And Refining: Uranium And Plutonium

Programming Ada: First Steps On The Desktop

The Hunt For MH370 Goes On With Barnacles As A Lead

MXM: Powerful, Misused, Hackable

VCF East 2024 Was Bigger And Better Than Ever

Our Columns

Keebin’ With Kristina: The One With The Transmitting Typewriter

Supercon 2023: Alex Lynd Explores MCUs In Infosec

FLOSS Weekly Episode 780: Zoneminder — Better Call Randal

Slicing And Dicing The Bits: CPU Design The Old Fashioned Way

Hackaday Links: April 21, 2024

Search

Never miss a hack

Subscribe

If you missed it

Our Columns