{"id":2934,"date":"2012-05-07T18:44:25","date_gmt":"2012-05-07T16:44:25","guid":{"rendered":"http:\/\/blog.netspark.de\/?p=2934"},"modified":"2012-05-08T10:31:52","modified_gmt":"2012-05-08T08:31:52","slug":"mac-os-x-with-a-big-security-hole","status":"publish","type":"post","link":"https:\/\/blog.netspark.de\/?p=2934","title":{"rendered":"Mac OS X with a big security hole?"},"content":{"rendered":"

\"\"What almost sounds impossible, seems true right now. The usually so-secure
\nMac OS X seems to have a big security hole allowing hacers to spy on passwords.
\nIt seems as if FileVault has a Debug option that allows writing unencrypted
\npasswords to FileVault files to the log file. This debug option has been…<\/p>\n

activated with the udate of Lion (10.7.3) this year and it seems as if only users are are affected, who had installed Snow Leopard before.<\/p>\n

The actual FileVault 2 does not have this security leak. I still am amazed that Apple allows this kind of security hole, that allows the exposure of private data.<\/p>\n

However it needs some skills to read out the passwords. These are the Firewire-Disk-Mode of the host system that allows access to the log file or the Superuser shell from the recovery partition.<\/p>\n

So the chance is rather small that you can be hacked from outside. Yet it’s not a thing to wave security around with.<\/p>\n

As upon research it seems as if a user has reported this issue in early February in the global Apple support forums but didn’t get any reply there. Weird!<\/p>\n

For all those who want to read the source: read here<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

What almost sounds impossible, seems true right now. The usually so-secure Mac OS X seems to have a big security hole allowing hacers to spy on passwords. It seems as if FileVault has a Debug option that allows writing unencrypted passwords to FileVault files to the log file. This debug option has been…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[55,4,3],"tags":[385,1698,1697,1700,1696,1699],"class_list":["post-2934","post","type-post","status-publish","format-standard","hentry","category-computer-2","category-curiosities","category-news","tag-apple","tag-backup","tag-filevault","tag-password","tag-security-hole","tag-timemachine"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.netspark.de\/index.php?rest_route=\/wp\/v2\/posts\/2934","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.netspark.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.netspark.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.netspark.de\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.netspark.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2934"}],"version-history":[{"count":0,"href":"https:\/\/blog.netspark.de\/index.php?rest_route=\/wp\/v2\/posts\/2934\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.netspark.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2934"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.netspark.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2934"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.netspark.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2934"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}