Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Explore the surprising ease with which macOS users' locations can be determined without their consent in this 27-minute conference talk from Objective by the Sea v8.0. Begin by examining the macOS privacy framework and understanding why location services operate as a distinct privacy subsystem, then dive into how location permissions are stored and discover architectural weaknesses in the location database. Analyze the attack surface of location services, learn about side-channel attacks, and master techniques for obtaining non-precise location data. Discover both previously disclosed and newly identified vulnerabilities that lead to precise location data leaks, review Apple's patches for these security issues, and explore future research directions in location privacy. Uncover how attackers can compromise user location data without requiring macOS zero-day exploits by leveraging third-party applications that willingly share location information with any requesting app. Gain actionable detection strategies for blue teams to mitigate these location privacy risks, presented by Principal Security Specialist Wojciech Regula, who has discovered 60+ CVEs in Apple products and specializes in application security on Apple devices.
