Registration

09:00 - 10:15

Come get your conference badge, your T-shirt, and get ready for four days of fun and tech in Göteborg.

While you eagerly await the start of this year's event you can get a coffee, a snack, maybe meet some familiar faces, and say hello to this year's exhibitors.

Welcome

10:15 - 10:45
Patrik Jerneheim - MacSysAdmin

Hello and welcome to MacSysAdmin Conference 2024. Get the latest information about the who, when and where around this year's conference.

Join us for a short session about what to expect from the MacSysAdmin Conference 2024.

What's Up!

10:55 - 11:50
Speakers - Organization

The IT industry is buzzing with advancements in cloud transformation, cybersecurity, and AI. Key players are driving innovation in IT hardware, while other are enhancing AI capabilities. Meanwhile, regulatory scrutiny on data privacy and security remains a critical focus.

Come get the latest from the greatest.

Acme, I Won’t Say No

12:05 - 13:00
Joel Rennich - Jumpcloud

While certificates may not be on the top of your list of what you find exciting, this session will work to change that. Learn about how most certificates are currently issued, SCEP (Simple Certificate Enrollment Protocol), and how you can replace that with modern ACME (Automatic Certificate Management Environment) flows.

This session will walk you through best practices around cert issuance and renewal, when certs are used and how you can do more with them. In addition we will have some live certificate enrollments! See what happens when a cert expires before your eyes. Learn what makes a good challenge. Be dazzled when hardware encryption makes for non exportable certificates.

Exhibitor - Fleet

14:00 - 14:25
JD Strong - Fleet
Brock Walters - Fleet

Streamlining MDM with GitOps
We will explore leveraging GitOps principles to streamline and automate your MDM workflows. Using Fleet’s public GitHub repositories as a case study, we will demonstrate how Fleet manages their devices in a public repo. Whether managing a small fleet or thousands of devices, this session will equip you with the tools and knowledge to enhance your MDM strategy through GitOps.

macOS Application Packaging 101

15:55 - 16:50
Rich Trouton - Jamf

This session will discuss the various ways Apple recommends for packaging applications, with a focus on installer packages. As part of this session, we’ll be discussing:

• Installer package components
• How to set permissions for applications being installed
• How scripting can be used with installer packages
• Various tools used to build installer packages.

Advice for Digital Transformation

17:00 - 17:30
Danielle James - WPP
Arek Dreyer - Kandji

This session will get attendees excited about their mission to help people in their organization (or the people in their customers’ organizations) and help set the stage for the rest of the week.

Exhibitor - Zentral

Social Voting for Santa

9:00 - 9:25
Henry Stamerjohann - Zentral

Upvote is dead, long live Upvote! We’re bringing back Social Voting for Santa. Borrowing heavily from the original Upvote project, we’re leveraging Zentral’s Event System and Santa’s new target types for our new and improved Voting System. A good blocklist is a Sisyphean task. Allowlisting is either bad for your users or your resources. Join us to see how Social Voting overcomes the biggest challenges with Application Allowlisting.

Santa Past, Present, and
Future - A Christmas Carol

9:35 - 10:30
Matt White - North Pole Security
Pete Markowsky - North Pole Security

Santa is a critical security tool empowering companies across industries to lockdown their fleets and minimize their exposure to risks. There are major changes coming to Santa. We'll be discussing how Santa secures your deployments as well as the exciting future of the project.

Managing Macs

Things I Wish I Knew Earlier On

10:55 - 11:50
Søren Theilgaard - Envo IT

This session is hands on for a live disaster, or hopefully a successfully deployment! Søren will talk about various important settings and show best practices of how to configure and deploy various settings and policies. Troubleshooting the MDM settings on the client, and figuring out which profile installed which settings, or maybe two different profiles installed the same setting. Session will be independent of MDM system.

A MacSysAdmin
2024 ’Toolbox’

12:05 - 13:00
W. Andrew Robinson - Krene K.K.

What a year 2024 has been! There were so many questions that came up over the past 12 months, many of them starting with ‘Why’ and ‘When’ in addition to the usual ’How.’

In this talk we will look at the tools and techniques your speaker found useful in answering those questions, and the unusual sources of inspiration those answers came from, in hopes that the challenges faced will provide some useful ideas as you work in your own environments, situations and teams.

Exhibitor - OWC

14.00 - 14.25
Tim Standing - OWC

Why you will want to upgrade to
macOS 15 and SoftRAID 8.3

You may be feeling cautious about upgrading to macOS 15. At OWC we have been testing it all summer, reporting problems to Apple and tracking their progress in getting fixed. I wiI will go over some of these changes, all of which makes this new version of macOS a compelling upgrade for most users.

At OWC, we have spent the last year making SoftRAID an even better solution for RAID storage on Mac and Windows. I will describe how added features allow you to better predict when your storage hardware will fail. I will also describe changes we have made to the SoftRAID driver which increase performance, decrease CPU utilization and make SoftRAID volumes even more reliable.

Streamlining
macOS Operations

Empowering efficiency with
Microsoft Intune

14:35 - 15:30
Marc Nahum - Microsoft

What is Microsoft Intune behind the scenes? What did we achieve last year, and what will we accomplish next year? Are Zero Day Support, DDM Software Update, and platform SSO working? Who can help when you have an idea but no time? Many questions who will be answered during this session!

History of Disk Arbitration Vulnerabilities

15:55 - 16:40
Csaba Fitzl - Kandji

The disk arbitration daemon (diskarbitrationd) has and is a great target for attackers because it runs unsandboxed, has root level privileges and has full disk access permissions, moreover it's reachable from any sandboxed application. As an added benefit it's also open source, thus easier to audit.

In this talk I will give a walk through of DA internals, how it works, how a process can communicate with it, and what kind of defenses it has to mitigate attacks. Then I will walk through all the publicly known vulnerabilities and how Apple fixed each of them. We will see sandbox escapes, privilege escalations and also full TCC bypasses. We will review how Apple fixed each of them, where one of them is probably the most genius fixes of all time.

Automated Testing of
Managed Applications

09:35 - 10:30
Katiuscia Zehnder - ETH Zürich
Graham Pugh - Jamf

ETH Zurich have developed a highly automated workflow for the deployment of applications to Mac computers. As described in Graham's MacSysAdmin 2021 presentation, every part of the process from obtaining the installation material to deploying apps to production Mac computers is performed using AutoPkg recipes... with the exception of testing that the application actually works! But relying on manual testing of software can lead to delays in releasing security patches.

Building on top of the existing automation workflow, Kati has been developing a method to automatically test whether certain managed apps can be safely released to production computers. But what does "ready for production" mean? What can be tested automatically? And, do we need to test at all?

Kati and Graham assess the risks of deploying software without a testing procedure, and go into detail how they have been working to fill this final gap in the automation workflow.

Lunch

13:00 - 14:00
Kårrestaurangen - Chalmers Conference Center
Don't forget to wear your conference badge!

The Hidden Treasure(s)
of Crash Reports

14:35 - 15:30
Patrick Wardle - DoubleYou

Sadly, nobody really loves crash reports, but I'm here to change that!

This crash course in crash reports will highlight how these often overlooked files are an invaluable source of information, capable of revealing malware infections, exploitation attempts, or even buggy (exploitable?) system code. Such insights are critical for defense and offense, empowering us to either protect or exploit macOS systems.

To start, we will explain exactly how to understand the structure and information provided in a crash report. Then, we'll show how this information, which often serves as little more than a digital breadcrumb, can however ultimately reveal the exact cause of the crash. Of course, this journey requires a solid understanding of reverse engineering, so we'll briefly touch on topics such as disassembling and debugging ARM64.

Next, we'll apply what we've learned to work through various real-life crashes that revealed flaws such as uninitialized pointers, use-after-frees, and heap overflows. And yes, some still exist on macOS even today.

Platform SSO
For Mere Mortals

15:55 - 16:50
Arek Dreyer - Kandji

Apple's documentation headline is, "Use credentials from macOS login to perform single sign-on with an identity provider." This session assumes you don't run your own Identity Provider (IdP), and covers the basics of Platform SSO (PSSO) with existing implementations from IdPs.

One might dream of a day where a providing IdP credentials during Automated Device Enrollment results in automatically setting up a local Mac account and registering the Mac with the IdP, but that day is not today. In the meantime, let's celebrate the existing benefits of PSSO for admins and for users.

Managed Apple Accounts
and the Wary Admin

09.35 - 10:30
Tom Bridge - Jumpcloud

Managed Apple Accounts have gone through a metamorphosis over the last few years, gaining features, getting new abilities, and taking on a more active role within our lives as administrators.

This talk will cover how and when they make sense for your business, new capabilities for use in your environments in this year's releases, and present a vision for what's possible with Managed Apple Accounts.

What’s inside the black box
which makes AI work

10:55 - 11:50
Tim Standing - Other World Computing

When I first heard about AI, I wanted to understand how it actually works. I kept hearing about how many thousands of video cards were required for training and how many millions of dollars of electric it takes. But there was no explanation of what was going on. How is a model created and how does it subsequently get used to answer queries, help drive cars and as of this fall, run on our iPhones.

This talk will answer the question of what is inside the black box which makes the AI magic happen.

OWC Raffle

11:50 - 12:00
Tim Standing - Other World Computing

Lunch

12:00 - 13:00
Break Area - Chalmers Conference Centre
Don't forget to wear your conference badge!

Swift - The Eras Tour

(Armin's Version)

13:00 - 13:55
Armin Briegel - Jamf/scriptingosx.com

It has been ten years since Apple introduced Swift. We will Speak Now about the Folklore and Reputation of the programming language, peek into The Tortured Programmers Department to see what it takes to build a tool or app, and fearlessly check out some great tools from the community made with Swift.

Round Table Discussion

14:05 - 15:00
Everybody

Roundtable discussions are a fantastic platform for exchanging ideas and learning from others. IT is a rapidly evolving field, and staying updated with the latest trends, technologies, and best practices is crucial. Engaging with experts and peers can provide valuable insights that are not always accessible through traditional learning methods.

Come get your tech on.