Researcher Created a macOS Image Generator Called ‘Docker-OSX’

• A security researcher has published a tool called "Docker-OSX", bringing macOS to Docker containers.
• The key aspect of the tool is that it can generate valid serial numbers for macOS hardware.
• The tool is lifting restrictions in macOS security research, enabling anyone to join.

An anonymous researcher using the nick “Sick.Codes” created an open-source tool called "Docker-OSX", and it's really getting traction on GitHub. The tool allows anyone to run MacOSX on a Docker container, building on OSX-KVM and the work of the OpenCore community, but it makes the generation of valid macOS images to use on virtual machine hosts a very easy procedure.

The key in the word "valid" - and the reason why Docker-OSX is so unique, is that it can generate serial numbers for Apple hardware that allows the user to access and use iMessage, iCloud, and the App Store, so it’s essentially an almost fully-fledged macOS image.

As the developer told us, the "magic" of the serial number generation lies in combining elements from the OpenCorePkg, MAC addresses by Apple, and the UUID gen utility. Docker-OSX essentially packs everything together, enabling users to generate as many as they like.

So, someone could create 50 perfectly valid iMac Pros, or even 10,000 Macbooks, generating an army of unique virtual machines on Docker, for whatever purpose. From security research to server-level deployments and from programming for the macOS platform to just experimenting with Apple’s proprietary software, Docker-OSX can help with a wide range of applications that the Cupertino company would normally never offer.

In fact, only two days ago, we covered the news about a leak of an internal AppleCare email which indicates that Apple is actually planning to randomize its serial numbers, making the generation of valid hardware IDs a lot harder than what it currently is. We’ve asked Sick.Codes about how that would affect "Docker-OSX," and he told us that it could change the iMessage login procedures, so it could prevent some aspects of the image's functionality.

As for the legal aspect of using "Docker-OSX," while it's obvious that Apple doesn’t want people to use tools of this kind, the work of Sick.Codes don't contain anything that is copyright protected, so it doesn't violate anything, and it should stay unmoved on GitHub. Also, the researcher told us that he is an active participant in the Apple Bug Bounty Program, so the intention isn't to enable piracy but to lift restrictions from the space of research.

All that said, users of Docker-OSX shouldn't be afraid of facing similar threats to those that Apple launched in relation to Corellium, even if some EULAs are still violated here, no doubt. In fact, there are even large and known companies among a total of 50,000 unique downloads that Docker-OSX has had thus far. These numbers tell us that the tool is really taking off, and the community is loving it.

As Sick.Codes told us: