Password Security Hole Discovered in Certain FileVault Configurations on OS X 10.7.3
ZDNet reports on the discovery of a significant breach of password security for certain users of Apple's FileVault encryption system under OS X Lion. Affected systems currently store the login information for every recent user of the machine in plain text, allowing for easy circumvention of encryption.
In specific configurations, applying OS X Lion update 10.7.3 turns on a system-wide debug log file that contains the login passwords of every user who has logged in since the update was applied. The passwords are stored in clear text.
Anyone who used FileVault encryption on their Mac prior to Lion, upgraded to Lion, but kept the folders encrypted using the legacy version of FileVault is vulnerable. FileVault 2 (whole disk encryption) is unaffected.
The issue was noted last Friday by David Emery on the Cryptome mailing list.
This is worse than it seems, since the log in question can also be read by booting the machine into firewire disk mode and reading it by opening the drive as a disk or by booting the new-with-LION recovery partition and using the available superuser shell to mount the main file system partition and read the file. This would allow someone to break into encrypted partitions on machines they did not have any idea of any login passwords for.
Emery also offers some suggestions for dealing with the issue, including turning on FileVault 2 and setting a firmware password on the machine in question.
The issue was actually first noted in the Apple discussion forums back on February 6, just days after OS X 10.7.3 was released to the public. That poster now notes that the issue may extend further than just the specific FileVault situation outlines by others, as he notes that he has experienced the same behavior on an OS X Lion virtual machine through VMware Fusion, without FileVault ever having been active on the installation. Consequently, the extent of the issue may not yet be fully known.
Apple has yet to offer any response to the issue, although it is unclear when the company became aware of it. Apple touts the security features of OS X Lion in its promotional materials for the operating system, with a focus on FileVault as an important component of that security, and it seems likely that the company will move as quickly as possible to investigate and fix the issue.
Popular Stories
Apple today seeded the release candidate version of iOS 18.5 to developers and public beta testers, giving us a look at the final version of the update that will be provided to the public next week.
With the release candidate, Apple provided release notes, so we have a more complete look at the new features that are included in the update, including those that weren't found during the beta...
If you owned a Siri-compatible device and had an accidental Siri activation between September 17, 2014 and December 31, 2024, you could be eligible for a payment from Apple as part of a class action lawsuit settlement.
Apple in January agreed to pay $95 million to settle a class action lawsuit involving Siri spying accusations, and a website to distribute the funds has now been set up and...
We've still got months to go before the new iPhone 17 models come out, but a combination of dummy models and leaks have given us some insight into what we can expect in terms of camera changes.
Apple is adding new camera features, and changing the design of the camera bump for some models. You might be skeptical of dummy models, but over the years, they've proven to be a highly accurate...
In its press release for the new Pride Band today, Apple said that iOS 18.5 is "upcoming," following more than a month of beta testing.
We expect the iOS 18.5 Release Candidate to be released this week, and this should be the final beta version, barring any last-minute bugs or changes. The software update should then be released to the general public next week.
iOS 18.5 is a relatively...
Apple plans to release its first foldable iPhone next year, according to several reporters and analysts who cover the company.
In his Power On newsletter today, Bloomberg's Mark Gurman said the foldable iPhone will offer two key advantages over other foldable smartphones.
First, he said the foldable iPhone will have a "nearly invisible" crease when unfolded. This means the device's...
The first iOS 19 beta is just one month away, and there are already many new features and changes that are expected with it.
Apple should seed the first iOS 19 beta to developers immediately following the WWDC 2025 keynote, which is scheduled for Monday, June 9. Following beta testing, the update should be released to the general public in September.
Below, we recap the key iOS 19 rumors...
Apple's upcoming foldable iPhone will feature a new type of display panel developed by Samsung that has never been used in a foldable product, claims a source with links to Apple's supply chain.
According to the account yeux1122 on the Korean Naver blog, the foldable iPhone will use a custom display process for which Apple will hold branding trademark rights, and that meets Apple's stringent ...
Despite being more than two years old, Apple's AirPods Pro 2 still dominate the premium wireless‑earbud space, thanks to a potent mix of top‑tier audio, class‑leading noise cancellation, and Apple's habit of delivering major new features through software updates. With AirPods Pro 3 widely expected to arrive in 2025, prospective buyers now face a familiar dilemma: snap up the proven...