Category Archives: Uncategorized

https is now (finally) supported!

Hummm this is something that I should have done a long time ago but was always too lazy since there’s not highly critical information here (except some hashes and my PGP key/id).

Anyway, you can finally access the blog over
I still need to understand if there’s any impact on Google search stuff by moving it to https only.

Better late then never. Oh and fuck you David Cameron and your stupid populist ideas ;-).

Have fun,

Happy New Year!

A few days late but, Happy New Year!
2014 is gone and it was an interesting year. Learnt quite a few new things in different areas, created tons of code, and got a couple of very interesting ideas to explore in 2015.

It also ended in a great way with a visit to CodeBlue to present BadXNU, a rotten apple.
If there’s city and country I always wanted to visit, those were Tokyo and Japan. My (unusual) quite high expectations were matched by a very interesting mega city. I was quite surprised with its efficiency for such a gigantic town. And because I don’t speak Japanese I loved every “lost in translation” moment, where shop attendants kept speaking in Japanase. I don’t know, I just love small things :-). Definitely can’t wait to get back to Tokyo and keep discovering the city; there are too many things to see, and still missing the rest of Japan. Phewwww!

CodeBlue definitely shattered my expectations. It was impecably organized (many thanks to Kana, Kentaro, Tessy, and everyone else for their amazing work and effort), was packed on both days (!), had a curious and motivated audience (at least that was my feeling), and a great program. Definitely highly recommended if you want to attend or speak there.

Unfortunately you will have to wait for SyScan 2015 for the slides and source code. I always like to release everything as soon as possible but this time it’s special so please allow me the exception. I guess it will be worth the wait ;-).

2015 is starting with extremely motivated work on the OS X Rootkits book. Due to many reasons the project was stopped but I finally got the time and focus to resume work and make it a reality, together with my co-authors nemo and snare. I really hope it will be worth the wait, we are going to do our best. So keep an eye for it.

Last but not least, I’m linking to the SyScan 360 slides. I forgot to write a post about SyScan360 and link those slides. The slide count is a bit bigger than the ShakaCon set (I can’t remember the differences now but I probably tuned some details and added a few things).

SyScan 360 – Fuck You Hacking Team

Hope you have a great year and stay healthy.
Have fun,

Happy new year, 2013 edition!

And 2012 (Gregorian calendar version) is almost over so it’s time to look back and ahead.

This year was certainly a great one for myself. Had quite a few interesting projects, went to Asia and spoke at conferences for the first time, improved a lot my skills and fulfilled the main 2012 goal. It was certainly a very busy but fun year that set the pace for 2013. The projects’ queue for 2013 is already very interesting with lots of (fun) work ahead! If everything goes as expected, April will bring a nice article and the end 2013 or early 2014 something else, hopefully a very interesting one ;-).

I will keep doing my best to keep this blog alive and publish whatever (interesting) things I find out, outside those (pesky) NDAs.

The best wish I have for 2013 is health (as in all other years). It’s health that keeps you alive and it’s the great richness one can have. I’ve been very lucky in this department and I hope to continue like that. I wish the same for you!

Happy new year and keep having fun. Life is short so do crazy things 🙂


5 years of

Happy birthday to this blog!

In 2007 I bought my first-ever Apple computer and started this blog. The amount of (public) reverse-engineering related information was scarce, cracking in particular. It was a whole new platform to me and a blog would be a good way to share my findings with others. I had experienced this with the PalmOS platform, where I created quite a few tutorials but never made them public. This time I wanted to share the information and improve knowledge.

The initial posts were mostly focused on cracking and (naturally) then evolved to other areas. The OS X and iOS reverse-engineering knowledge is much better these days but there’s still so much room for improvement. This blog is one of the most popular in this area and probably helped many reversers to get into the OS X and iOS platforms. It contains a lot of information and work into it. I really enjoy to spread and improve knowledge. It forces me to seek more instead of settling. I hope this blog has been useful to you in one way or another.

New friends were made, tools were created, tricks were discovered, legal troubles almost happened, moral dilemmas and temporary shutdown ensued, extremely interesting consulting projects happened, spoke at two conferences, and so on. It was pretty interesting the amount of things that originated from a simple blog. My expectations were blown away!

2013 is almost here. Very interesting projects are about to start, and I expect an extremely and interesting busy year. News about that one of these days :-). I will do my best to keep writing and releasing code. There’s still a lot of work to be done and I want to keep being part of it!

Enjoy life and have fun. Do crazy stuff and challenge everything. Knowledge and the world only improve if people challenge the establishment. There’s no perfect moral or ethics so try to achieve a balance. Read a lot, from different areas and things contrary to your current opinions. Keep challenging and reinventing yourself. Don’t settle! Perfection is an illusion but it’s fun trying to achieve it. Always aim high, you will reap great rewards!

A big thank you to everyone!

Yours truly,

See you in Asia!

I will be presenting in Taiwan at Hitcon, and in Seoul at Secuinside. If you are there, come and say hi! I don’t bite 🙂

The Taiwan presentation will be focused on OS X malware and Seoul about starting reversing adventures in OS X/iOS. While slides shouldn’t be the presentation main focus, I’m trying to make them usable for everyone outside the conferences. It’s not an easy task and the introduction to reversing is revealing itself harder than I thought :-). Some knowledge is not easy to codify.

Let’s see how this goes. I hope both presentations have interesting content and you don’t fall asleep. I’m doing my best, I hate boring presentations!

See you!


A little social and economics experiment

I have a passion for the human brain and human behavior and I love to experiment with anything. My birthday is near so it’s a good time to go forward with this idea.
The starting point is that this blog is absolutely non-profit oriented and that status will remain forever – no banners, no donations, etc. I do it purely for fun, pleasure and knowledge improvement, altough it generates positive externalities (aka work!).
I am curious to observe what would be the result of  sort of asking something in return (sort of what is the value for you). I love books (physical ones!) and that is what I am asking for. My initial idea was to create an Amazon wish list. This doesn’t work because it will disclose my shipping address. The solution that seems to work without major problems is an Amazon gift certificate – an email address and that’s it.

So what kind of amounts are we talking about ? I have a very positive experience with the Amazon Marketplace and second-hand books. The descriptions are very accurate and I purchased books as new for awesome prices. As a reference point the total cost of each book I get is around €8 to €12 ($10 to $15, £6.5 to £10, including shipping (usually the significant cost!). I usually purchase from or (gift certificates can’t be exchanged between different countries). The email address for this experiment is amazonexperience at

Let’s see how this works out. The only risk you have is if it’s a success and I get a ton of new books. Then I will have to dedicate more time to read them and less time to publish stuff! Hey, life is risky 😉