Explore the vulnerabilities of the iPhone XS Max in this Black Hat conference talk. Delve into Apple's Pointer Authentication Code (PAC) implementation and uncover an ancient bug in the XNU kernel that affects even the latest iOS releases. Learn how to exploit this vulnerability to bypass PAC and gain arbitrary kernel read/write access. Examine topics such as Unix Domain Socket, race conditions, use-after-free (UAF) vulnerabilities, and unprotected control flow transfer points. Discover the process of adding trust caches and gaining SSH access on the iPhone XS Max. Gain valuable insights into mobile device security and penetration testing techniques from speakers Tielei Wang and Hao Xu.