System Integrity Protection (SIP) TL;DR: Kernel-enforced restriction on what root can touch — protected paths and protected dyld behaviour. Stub — to be filled in. What it is TODO Preconditions / where it applies TODO Technique TODO Detection and defence TODO References TODO