Tag Archives: CycloneFR

[MacOS] Pushing OS X on PCs Major Steps Forward

yet another incomplete news (AIN)

Since David Elliot (also known as DFE) showed the OS X on PC scene how to boot Leopard retail DVDs on non-EFI systems (i.e. standard PCs) using his „Boot 132 CD“, there has been even stronger progress: OS X is now technically almost completely untied from Macintosh hardware. Building on DFE’s findings, a guy going by the nick Munky applied DFE’s strategy to already installed OS X systems. He dug into Intel’s EFI standard and found that Apple fully respects it: during Leopard’s installation, Apple’s Disk Utility.app also puts a hidden first partition on your hard disk.


bash-3.2# diskutil list
/dev/disk0
#:                       TYPE NAME          SIZE       IDENTIFIER
0:      GUID_partition_scheme              *149.1 Gi   disk0
1:                        EFI               200.0 Mi   disk0s1
2:                  Apple_HFS Leopard       138.0 Gi   disk0s2

The diskutil list command reveals that the disk uses the GUID partition scheme (Apple’s standard). The first partition is called EFI and the second holds the operating system as we know it: Leopard. Intel’s standard requires such a partition to provide space for hardware-specific drivers that may be loaded before the operating system boots.
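As an added example (not code from the post, nor from Apple, DFE or Munky), here is a small Python parser for the diskutil list output quoted above. It extracts the partition scheme and the partition table, and checks whether slice 1 is still a partition of type EFI, which is exactly the slot the rest of the post describes being reformatted as HFS+. The second sample listing, showing that reformatted state, is constructed for the example; the first is the post's own output.

```python
"""Parse `diskutil list` output and check that the first GPT partition is
still a plain EFI system partition.

Example code written for this post; not from the original article, Apple
or anyone mentioned in it.
"""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Sample input: the listing quoted in the post above.
DISKUTIL_OUTPUT = """\
/dev/disk0
   #:                       TYPE NAME          SIZE       IDENTIFIER
   0:      GUID_partition_scheme              *149.1 Gi   disk0
   1:                        EFI               200.0 Mi   disk0s1
   2:                  Apple_HFS Leopard       138.0 Gi   disk0s2
"""

# Constructed sample of the layout the post describes after Munky's trick:
# the 200 MiB slot now carries an HFS+ volume instead of the EFI type.
REFORMATTED_OUTPUT = """\
/dev/disk0
   #:                       TYPE NAME          SIZE       IDENTIFIER
   0:      GUID_partition_scheme              *149.1 Gi   disk0
   1:                  Apple_HFS EFI           200.0 Mi   disk0s1
   2:                  Apple_HFS Leopard       138.0 Gi   disk0s2
"""


@dataclass
class Partition:
    index: int
    ptype: str        # partition type as diskutil prints it (EFI, Apple_HFS, ...)
    name: str         # volume name, may be empty
    size: str         # size as printed, e.g. "200.0 Mi"
    identifier: str   # BSD device node, e.g. disk0s1


# One table row: index, TYPE, optional NAME, SIZE (a leading '*' marks the
# whole-disk row), IDENTIFIER.  NAME is matched lazily so that a missing
# name (the EFI row) and a present one (Leopard) both parse.
ROW_RE = re.compile(
    r"^\s*(\d+):\s+(\S+)\s+(.*?)\s*(\*?\d+(?:\.\d+)?\s+[KMGTP]i)\s+(\S+)\s*$"
)


def parse_diskutil(text: str) -> Tuple[Optional[str], List[Partition]]:
    """Return (partition scheme, partitions) for one disk's diskutil listing."""
    scheme: Optional[str] = None
    parts: List[Partition] = []
    for line in text.splitlines():
        m = ROW_RE.match(line)
        if not m:
            continue  # skips the /dev/diskN line and the column header
        idx, ptype, name, size, ident = m.groups()
        if int(idx) == 0:
            scheme = ptype  # row 0 describes the disk itself, not a slice
        else:
            parts.append(Partition(int(idx), ptype, name.strip(), size, ident))
    return scheme, parts


def efi_partition_intact(parts: List[Partition]) -> bool:
    """True when slice 1 exists and still has partition type EFI.

    The post explains that Munky's method reformats this slot as HFS+ and
    boots from it, so any non-EFI type on slice 1 is the tell-tale sign that
    a disk has been set up that way.
    """
    if not parts:
        return False
    first = min(parts, key=lambda p: p.index)
    return first.index == 1 and first.ptype == "EFI"


if __name__ == "__main__":
    for label, sample in (("as installed", DISKUTIL_OUTPUT),
                          ("after the trick", REFORMATTED_OUTPUT)):
        scheme, parts = parse_diskutil(sample)
        print(f"{label}: scheme={scheme}, EFI slot intact={efi_partition_intact(parts)}")
        for p in parts:
            print(f"  {p.index}: {p.ptype:<12} {p.name or '-':<10} {p.size:>10} {p.identifier}")
```

The parser keys on the column layout diskutil used at the time of the post; on a real machine the listing of every attached disk is returned at once, so the output would first be split per `/dev/diskN` block before being handed to `parse_diskutil`.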

Munky then found a second thing: although Apple respects the EFI standard, the EFI implementation on their own Macs simply does not use that partition. It is empty. He then applied a trick known from the ancient cracking days as the stealth method. Since he knows that real Macs don’t use the EFI partition, he simply reformats it as an HFS+ volume and makes it the first boot partition. Inside this EFI boot partition there is a separate kext boot cache which can hold modified kexts matching the individual hardware, while the original kexts remain untouched (and unused) in Mac OS’ original /System/Library/Extensions folder. This allows Apple’s original automatic updates to run without breaking the system.

But since using hacked or binary-modified .kexts is not desirable (they should not be distributed because of their, well, controversial legal status), a French guy going by the name CycloneFr refined a loader technique. He defined loader kexts that only replace the device information in the Info.plist of the original kexts at runtime. Thus the newest kexts from the /System/Library/Extensions folder are always used, just with different device information.
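As an added illustration (not code from the post, nor from CycloneFr, Munky or Apple), here is a Python script that compares the IOKitPersonalities in an original kext’s Info.plist with those of a loader kext and reports which device-matching keys the loader changes. It assumes the loader takes the shape such plist-only kexts generally have: a bundle with no CFBundleExecutable whose personalities carry the original kext’s CFBundleIdentifier and IOClass (so the kernel still loads Apple’s binary) together with different match values. The two plists, the bundle identifiers and the PCI IDs below are constructed for the example.

```python
"""Audit what a plist-only loader kext changes relative to the original kext.

Example code written for this post; the plists, bundle names and PCI IDs are
constructed, and the loader layout (no binary, personalities pointing at the
original CFBundleIdentifier/IOClass) is an assumption about how such loaders
are built, not a description of CycloneFr's files.
"""
import plistlib
from typing import Dict, List

# Constructed Info.plist of an "original" driver that matches one PCI device.
ORIGINAL_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
  <key>CFBundleIdentifier</key><string>com.example.driver.SampleNIC</string>
  <key>CFBundleExecutable</key><string>SampleNIC</string>
  <key>IOKitPersonalities</key>
  <dict>
    <key>SampleNIC</key>
    <dict>
      <key>CFBundleIdentifier</key><string>com.example.driver.SampleNIC</string>
      <key>IOClass</key><string>SampleNIC</string>
      <key>IOProviderClass</key><string>IOPCIDevice</string>
      <key>IOPCIMatch</key><string>0x10001234</string>
    </dict>
  </dict>
</dict>
</plist>
"""

# Constructed Info.plist of a loader kext: no executable of its own, one
# personality that names the original bundle and class but adds a second
# (constructed) PCI device ID to IOPCIMatch.
LOADER_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
  <key>CFBundleIdentifier</key><string>com.example.loader.SampleNIC</string>
  <key>IOKitPersonalities</key>
  <dict>
    <key>SampleNIC-extra-ids</key>
    <dict>
      <key>CFBundleIdentifier</key><string>com.example.driver.SampleNIC</string>
      <key>IOClass</key><string>SampleNIC</string>
      <key>IOProviderClass</key><string>IOPCIDevice</string>
      <key>IOPCIMatch</key><string>0x10001234 0x56781234</string>
    </dict>
  </dict>
</dict>
</plist>
"""

# Personality keys that decide which hardware a driver attaches to.
MATCH_KEYS = ("IOPCIMatch", "IOPCIPrimaryMatch", "IONameMatch", "IOPropertyMatch")


def personalities(plist_bytes: bytes) -> Dict[str, dict]:
    """Return the IOKitPersonalities dictionary of an Info.plist (empty if none)."""
    return plistlib.loads(plist_bytes).get("IOKitPersonalities", {})


def is_plist_only(plist_bytes: bytes) -> bool:
    """A loader kext in the sense of the post ships no binary of its own."""
    return "CFBundleExecutable" not in plistlib.loads(plist_bytes)


def loader_overrides(original: bytes, loader: bytes) -> List[dict]:
    """For each loader personality, find the original personality it piggybacks
    on (same CFBundleIdentifier and IOClass) and list the match keys that differ.

    A personality that shadows nothing in the original is reported too, since
    it would pull in a binary the auditor has not looked at.
    """
    orig = personalities(original)
    report = []
    for name, pers in personalities(loader).items():
        target = next(
            (o for o in orig.values()
             if o.get("CFBundleIdentifier") == pers.get("CFBundleIdentifier")
             and o.get("IOClass") == pers.get("IOClass")),
            None,
        )
        changed = {
            k: (target.get(k), pers.get(k))
            for k in MATCH_KEYS
            if target is not None and target.get(k) != pers.get(k)
        }
        report.append({
            "personality": name,
            "binary_from": pers.get("CFBundleIdentifier"),
            "shadows_original": target is not None,
            "changed_match_keys": changed,
        })
    return report


if __name__ == "__main__":
    print("loader ships its own binary:", not is_plist_only(LOADER_PLIST))
    for entry in loader_overrides(ORIGINAL_PLIST, LOADER_PLIST):
        print(entry)
```

Run against a real pair of Info.plist files, the report tells you two things before the loader ever reaches the kext cache: that it brings no executable of its own, and precisely which device IDs it adds to Apple’s personality, which is the whole difference between this approach and a patched binary.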

We are currently compiling a complete newbie tutorial for the procedure described above on a standard system. You think this sounds like a dream? We can tell you it is not. Leopard has been completely untied from Macintoshes. There is no need to illegally download hacked Leopard distros from the darkest filesharing networks anymore. You can now buy a copy of Leopard and use that original retail DVD for installation.

But you may have expected it: what we described here currently requires you to be able to run (and understand) commands in the Terminal. This is because the whole procedure is really new (Munky discovered and explained it about 2 months ago; DFE’s Boot 132 approach is only 5 months old). You see, this is something from tomorrow which you already get to use today. It will still take some more time until the process is as user-friendly as an EFI-X device, but you will not depend on third-party hardware, you will be able to maintain your system yourself, and you will learn how it works.