top | item 45299711

(no title)

mugsie | 5 months ago

it would generally be for environments where the browser is locked down as well, or has a special extension installed for "security". In a lot of those cases the shell is recorded and send to a central tool, but the webview would not be logged

discuss

egorfine|5 months ago

> the shell is recorded and send to a central tool

Challenge accepted. And it's not a huge challenge. I'd say not even a mild one.

mugsie|5 months ago

yup, its really not that hard to break, but to break without the tool noticing is harder.

they usually work in kernel extensions or use https://developer.apple.com/documentation/endpointsecurity - which gives them pretty good coverage of all the processes running, and arguments etc

boomlinde|5 months ago

What challenge?