By Robert Bathurst, Russ Rogers, Alijohn Ghassemlouei
Publisher: Elsevier / Syngress
Released: December 2012
Written by two experienced penetration testers the material presented discusses the basics of the OS X environment and its vulnerabilities. Including but limited to; application porting, virtualization utilization and offensive tactics at the kernel, OS and wireless level. This book provides a comprehensive in-depth guide to exploiting and compromising the OS X platform while offering the necessary defense and countermeasure techniques that can be used to stop hackers
As a resource to the reader, the companion website will provide links from the authors, commentary and updates.
Provides relevant information including some of the latest OS X threats
Easily accessible to those without any prior OS X experience
Useful tips and strategies for exploiting and compromising OS X systems
Includes discussion of defensive and countermeasure applications and how to use them
Comments about oreilly The Hacker's Guide to OS X:
I have a tough time telling what the audience is supposed to be for this. It's about half primer -- really basic stuff that might be useful to somebody without any understanding of operating systems, security, or apple products. As a new Mac user, I find some of that useful in terms of an under-the-hood explanation of how the HFS+ filesystem is working, etc. Not useful enough to replace a real in depth Internals book, but useful. The meat of the book should be chapters 4,5, and 6 -- Footprinting, Defensive Applications, Offensive Tactics. The footprinting chapter is insanely generic and has precious little specificity regarding the Apple environment. The Defensive Applications and Offensive Tactics chapters would be useful, but it's so truncated that it just leaves you hungering for more detail.
If I could go back and make this buying decision again, I would probably not purchase this text and just use something like Jonathan Levin's Mac OS X and iOS Internals, supplemented with Apple-specific material from the Web and any other security texts.
Technical issues aside, this book was desperately in need of a copy editor. I can't believe that this was published as-is. There are grammatical errors on seemingly every page. I know that a lot of people don't read technical books with a critical eye, but it really does affect the reading flow. All in all, a very unsatisfactory product.
Bottom Line No, I would not recommend this to a friend