Re: [Fed-Talk] Future of Apple's BSM auditing?
- Subject: Re: [Fed-Talk] Future of Apple's BSM auditing?
- From: Todd Heberlein via Fed-talk <email@hidden>
- Date: Wed, 2 Jun 2021 10:03:15 -0700
Thanks.

I’ll be curious to see how long it takes for the federal government to accept
the new architecture and tools that leverage Apple’s new network and endpoint
frameworks.

Last year, during a period of unemployment, I did some work with Apple’s new
network and endpoint frameworks. They are very nice.

My biggest confusion at the time was that software using the network security
framework *had to be* distributed through the Mac App Store, while software
using the endpoint security framework *could not be* distributed through the
Mac App Store.

Fortunately / unfortunately I picked up a new job last May and had to set the
work aside for a year. I’ll pick the work up again next week. 🤔😅

Todd

> On Jun 2, 2021, at 9:13 AM, Chris Stone <email@hidden> wrote:
>
> Hi Todd,
>
> I hope you are well. We announced at WWDC 2020 that the Endpoint Security
> Framework is intended to be a replacement for the BSM subsystem, among other
> things. The comment was made in the opening of this video.
>
> https://developer.apple.com/wwdc20/10159
> Check out Build an Endpoint Security app from #wwdc20
>
> Chris Stone
> Apple Inc
> 410-245-7543
>
>> On Jun 2, 2021, at 12:00 PM, Todd Heberlein via Fed-talk
>> <email@hidden> wrote:
>>
>> After not working on Apple’s BSM auditing system for a few years, I just
>> took a quick look at some of the commands.
>>
>> Apple is listing all the man pages for audit, auditd, praudit, etc. as
>> deprecated.
>>
>> Have there been any discussions about Apple’s future support for BSM audit
>> system?
>>
>>
>> Thanks,
>>
>> Todd
>>
>>
>>
>> AUDITD(8)          BSD System Manager's Manual          AUDITD(8)
>>
>> NAME
>> auditd -- audit log management daemon
>>
>> SYNOPSIS (NOW DEPRECATED)
>> auditd [-d | -l]
>>
>> DESCRIPTION
>> The auditd daemon responds to requests from the audit(8) utility and
>> notifications from the kernel. It manages the resulting audit log files
>> and specified log file locations.
>> ...
>> _______________________________________________
>> Do not post admin requests to the list. They will be ignored.
>> Fed-talk mailing list (email@hidden)
>> Help/Unsubscribe/Update your Subscription:
>>
>> This email sent to email@hidden <mailto:email@hidden>