Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Alert: OX X Lion update exposes encryption passwords

May 6th 2012 in Uncategorized

This, I would have to say, is a pretty basic, and bad, screwup.

“a quality assurance mistake can cause OS X users’ FileVault encryption passwords to be exposed”

Cite: http://nakedsecurity.sophos.com/2012/05/06/apple-update-to-os-x-lion-exposes-encryption-passwords/?utm_source=facebook&utm_medium=status+message&utm_campaign=naked+security

“It appears that a debug option was accidentally left enabled in FileVault, resulting in the user’s password being saved in plain text in a log file accessible outside of the encrypted area.

Anyone with access to the disk can read the file containing the password and use it to log into the encrypted area of the disk, rendering the encryption pointless and permitting access to potentially sensitive documents. This could occur through theft, physical access, or a piece of malware that knows where to look.”


Comments are closed.

checkingserve.com ICANN Registrar: Register.com Inc Created 24 April 2012 IP: 216.21.239.197 Registrant: Tom Baker (medows_time@yahoo.com) ***** trackingserviced.com ICANN Registrar: Register.com Inc Created 26 April 2012 IP: 216.21.239.197 Registrant: Tom Baker (medows_time@yahoo.com) ***** directionmedian.com ICANN Registrar: […]

Previous Entry

Subject: “FWD: ALERT: You have an E-Card from your Secret Admirer.   Clicking on the URL leads you here – just so we’re all clear, nobody actually has a crush on you (sorry):   Click on “My Profile and Pics” and you end up at adultfriendfinders.com: […]

Next Entry

Archives