There are two types of people in the world… those who love strace (and ltrace!) and the other 99.999% of people who have never heard of strace. This is for the former.
I’ve always loved (and hated at times) strace, and always wanted it for the mac. So armed (clawed?) with the mighty OpenClaw and Claude Code I decided to revisit a project I’d previously thrown myself at: taming Apple’s dtrace along with a web UI that would allow easier analytics for a DARPA proposal. All at – https://github.com/zenfish/f8
From my original writeup – or, as I said – “when I was young, yet dirt was still old”….
Software complexity has grown substantially; to combat this software installers hide a lot of behind-the-scenes activity so we don’t have to deal or understand what goes on. Yet security- wise such abstractions can be quite problematic. What happens when I hit the “next” button on that installer? When I install yet another package via the Mac’s port or brew command, Linux’s apt/yum/etc., Python’s pip, Perl’s CPAN, etc. – what is actually going on back there? Is the software installing backdoors, sending data back to the mother ship, or simply installing a few files to make the software work as advertised? Where is the stuff even coming from – the local disk, GitHub, China, or somewhere else?
This is a proposal to write software that will enable a modestly technical person to see and understand what happens when a program is executed, and in particular to observe the execution of a software installer. This includes highlighting what resources are consumed, what programs are executed, what memory or file reads and writes happen, revealing the location of where the data is accessed or sent to, how much data there was, etc. There do exist programs that look at disk activity, and a whole bunch of various monitoring and debugging tools, but it’s a bit trickier to really follow what’s going on, let alone let someone not skilled in the arts to understand.
Not a lot of macs to test on, if you decide to give it a whirl feel free to drop me a line if it didn’t/did work.
Be well in these troubled times.
Leave a Reply
You must be logged in to post a comment.