Password Security Hole Discovered in Certain FileVault Configurations on OS X 10.7.3
ZDNet reports on the discovery of a significant breach of password security for certain users of Apple's FileVault encryption system under OS X Lion. Affected systems currently store the login information for every recent user of the machine in plain text, allowing for easy circumvention of encryption.
In specific configurations, applying OS X Lion update 10.7.3 turns on a system-wide debug log file that contains the login passwords of every user who has logged in since the update was applied. The passwords are stored in clear text.
Anyone who used FileVault encryption on their Mac prior to Lion, upgraded to Lion, but kept the folders encrypted using the legacy version of FileVault is vulnerable. FileVault 2 (whole disk encryption) is unaffected.
The issue was noted last Friday by David Emery on the Cryptome mailing list.
This is worse than it seems, since the log in question can also be read by booting the machine into firewire disk mode and reading it by opening the drive as a disk or by booting the new-with-LION recovery partition and using the available superuser shell to mount the main file system partition and read the file. This would allow someone to break into encrypted partitions on machines they did not have any idea of any login passwords for.
Emery also offers some suggestions for dealing with the issue, including turning on FileVault 2 and setting a firmware password on the machine in question.
The issue was actually first noted in the Apple discussion forums back on February 6, just days after OS X 10.7.3 was released to the public. That poster now notes that the issue may extend further than just the specific FileVault situation outlines by others, as he notes that he has experienced the same behavior on an OS X Lion virtual machine through VMware Fusion, without FileVault ever having been active on the installation. Consequently, the extent of the issue may not yet be fully known.
Apple has yet to offer any response to the issue, although it is unclear when the company became aware of it. Apple touts the security features of OS X Lion in its promotional materials for the operating system, with a focus on FileVault as an important component of that security, and it seems likely that the company will move as quickly as possible to investigate and fix the issue.
Popular Stories
iOS 19 is still around six months away from being announced, but a new leak has allegedly revealed a completely redesigned Camera app.
Based on footage it obtained, YouTube channel Front Page Tech shared a video showing what the new Camera app will apparently look like, with the key change being translucent menus for camera controls. Overall, the design of these menus looks similar to...
Apple on late Saturday removed TikTok from the App Store in the U.S., and it has now explained why it was required to take this action.
Last year, the U.S. passed a law that required Chinese company ByteDance to divest its ownership of TikTok due to potential national security risks, or else the platform would be banned. That law went into effect today, and companies like Apple and Google...
Apple today adjusted estimated trade-in values for select iPhone, iPad, Mac, and Apple Watch models in the U.S., according to its website.
Some values increased, while others decreased. The changes were not too significant, with most values rising or dropping by $5 to $50.
We have outlined some examples below:
Device
New Value
Old Value
iPhone 15 Pro Max
Up to $630
U ...
Apple provided the third beta of iOS 18.3 to developers today, and while the betas have so far been light on new features, the third beta makes some major changes to Notification Summaries and also tweaks a few other features.
Notification Summary Changes
Apple made multiple changes to Notification Summaries in response to complaints about inaccurate summaries of news headlines.
For...
iOS 19 will not drop support for any iPhone models, according to French website iPhoneSoft.fr.
The report cited a source who said iOS 19 will be compatible with any iPhone that can run iOS 18, which would mean the following models:
iPhone 16
iPhone 16 Plus
iPhone 16 Pro
iPhone 16 Pro Max
iPhone 15
iPhone 15 Plus
iPhone 15 Pro
iPhone 15 Pro Max
iPhone 14
iPhon...
After a four-year wait, a new AirTag is finally expected to launch in 2025. Below, we recap rumored upgrades for the accessory.
A few months ago, Bloomberg's Mark Gurman said Apple was aiming to release the AirTag 2 around the middle of 2025. While he did not offer a more specific timeframe, that means the AirTag 2 could be announced by the end of June.
The original AirTag was announced...
For the last several months, we've been hearing rumors about a redesigned version of the iPhone 17 that Apple might call the iPhone 17 "Air," or something along those lines. It's going to replace the iPhone 17 Plus as Apple's fourth iPhone option, and it will be offered alongside the iPhone 17, iPhone 17 Pro, and iPhone 17 Pro Max.
We know the iPhone 17 Air is going to be super slim, but...
In September, Apple said that it would be launching Powerbeats Pro 2 in 2025, and it appears the wireless earbuds are coming very soon.
Powerbeats Pro 2 images found in iOS 18 code
In his Power On newsletter today, Bloomberg's Mark Gurman said the Powerbeats Pro 2 are "due imminently." In addition to Apple filing the Powerbeats Pro 2 in regulatory databases last month, Gurman said Apple is...
