macOS Keychain Security Flaw Discovered by Researcher, but Details Not Shared With Apple Over Bug Bounty Protest

German security researcher Linus Henze this week discovered a new zero-day macOS vulnerability dubbed "KeySteal," which, as demoed in the video below, can be used to get to all of the sensitive data stored in the Keychain app.

Henze appears to use a malicious app to extract data from the Mac's Keychain app without the need for administrator access or an administrator password. It can get passwords and other information from Keychain, as well as passwords and details for other macOS users.


Henze has not shared the details of this exploit with Apple and says that he won't release it because Apple has no bug bounty program available for macOS. "So blame them," Henze writes in the video's description. In a statement to Forbes, Henze clarified his position, and said that discovering vulnerabilities takes time.

"Finding vulnerabilities like this one takes time, and I just think that paying researchers is the right thing to do because we're helping Apple to make their product more secure."

Apple has a reward program for iOS that provides money to those who discover bugs, but there is no similar payment system for macOS bugs.

According to German site Heise Online, which spoke to Henze, the exploit allows access to Mac Keychain items but not information stored in iCloud. Keychain is also required to be unlocked, something that happens by default when a user logs in to their account on a Mac.

applekeychain
Keychain can be locked by opening up the Keychain app, but an admin password then needs to be entered whenever an application needs to access Keychain, which can be inconvenient.

Apple's security team has reached out to Henze, according to ZDNet, but he has continued to refuse to provide additional detail unless they provide a bug bounty program for macOS. "Even if it looks like I'm doing this just for money, this is not my motivation at all in this case," said Henze. "My motivation is to get Apple to create a bug bounty program. I think that this is the best for both Apple and Researchers."

This isn't the first Keychain-related vulnerability discovered in macOS. Security researcher Patrick Wardle demoed a similar vulnerability in 2017, which has been patched.

Top Rated Comments

Scottsoapbox Avatar
26 months ago
How does Apple not have a bug bounty program? Did they start believing their own marketing on Mac OS?
Score: 66 Votes (Like | Disagree)
Goompa Avatar
26 months ago
It doesn’t surprise me. It’s been long time since Apple seemed to care about macOS.

I’m happy for the researcher. Let’s put some pressure on the giant.
Score: 45 Votes (Like | Disagree)
AngerDanger Avatar
26 months ago
Thank god! It was so time-consuming having to double FaceTime call people and wait for them to casually list their passwords as part of natural conversation.
Score: 34 Votes (Like | Disagree)
CE3 Avatar
26 months ago

I understand that finding flaws isn't always an easy thing and can take highly educated/skilled people lots of time to find things like this however no one is forcing this guy to do it.

This sounds a bit like extortion to me.

Extortion implies that not informing developers of bugs is illegal, which it isn’t of course. Apple has likely “reached out” to offer a reward, but he says his motivation is to use this as an opportunity to get a reward program in place for everyone. Good for him. it will probably happen now.

Yes, no one forced him to find this vulnerability, but if you’re a macOS user you should be thankful that he did.
Score: 29 Votes (Like | Disagree)
displaced Avatar
26 months ago
Hmm.

Are Bug Bounty rewards a good idea which provide incentive and reward to bug researchers? Yes. Should Apple have one for macOS? Most likely.

Should a researcher withhold details on a discovered bug as a protest about the lack of a bounty? I don't think so. It seems both unprofessional and dangerous.
Score: 28 Votes (Like | Disagree)
lostngone Avatar
26 months ago
I understand that finding flaws isn't always an easy thing and can take highly educated/skilled people lots of time to find things like this however no one is forcing this guy to do it.

This sounds a bit like extortion to me.
Score: 25 Votes (Like | Disagree)

Top Stories

iphone 5s black slate

Images of Unreleased iPhone 5s in Black and Slate Shared Online

Sunday January 17, 2021 9:47 am PST by
Twitter user @DongleBookPro has today shared images of a prototype iPhone 5s in an unreleased Black and Slate color. The iPhone 5s was launched in September 2013. The device featured Touch ID, a 64-bit processor, and a True Tone LED flash for the first time. Other new features included a five-element lens with an f/2.2 aperture, a 15 percent larger camera sensor, Burst Mode, and Slo-Mo...
iP12 charge airpods feature 2

Hidden iPhone 12 Hardware Feature Could Still be Unlocked

Thursday January 14, 2021 2:51 am PST by
All iPhone 12 and iPhone 12 Pro models purportedly have a hidden reverse wireless charging feature, according to an FCC filing. The feature has not yet been activated, but could yet be unlocked for an upcoming Apple accessory. The FCC filing suggests that iPhone 12 models contain the hardware for Wireless Power Transfer (WPT) to accessories: In addition to being able to be charged by a...
Top Stories 43 Feature

Top Stories: MacBook Pro, iMac, Mac Pro, and iPhone Rumors, Best of CES 2021

Saturday January 16, 2021 6:00 am PST by
This week was sure a busy one in the Apple world, with a flurry of announcements out of CES early in the week followed by a rash of Mac- and iPhone-related rumors later in the week. The new rumors this week included details on updated MacBook Pro, iMac, and Mac Pro models, as well as a few other tidbits, so make sure to read on below to get caught up! Kuo: New MacBook Pro Models to...
foldable iPhone concept feature

Apple Testing In-Display Fingerprint Sensor for iPhone 13, Foldable iPhone Also in the Works

Friday January 15, 2021 1:46 pm PST by
Apple has started "early work" on an iPhone that has a foldable display, according to a new report from Bloomberg's Mark Gurman. Though testing of a foldable iPhone has begun, Apple has not committed to releasing a device that has a foldable display. Development has not yet expanded beyond a display and Apple does not have full foldable iPhone prototypes in its labs. Like foldable...
16inchmacbookpromain

Kuo: New MacBook Pro Models to Feature Flat-Edged Design, MagSafe, No Touch Bar and More Ports

Thursday January 14, 2021 9:32 pm PST by
Apple is working on two new MacBook Pro models that will feature significant design changes, well-respected Apple analyst Ming-Chi Kuo said today in a note to investors that was obtained by MacRumors. According to Kuo, Apple is developing two models in 14 and 16-inch size options. The new MacBook Pro machines will feature a flat-edged design, which Kuo describes as "similar to the iPhone 12" ...
macbook pro flexgate

Apple Extends 13-Inch MacBook Pro Backlight Repair Program

Sunday January 17, 2021 10:31 am PST by
Apple this week extended its worldwide 13-inch MacBook Pro Display Backlight Service Program, authorizing coverage for eligible notebooks for up to five years after the original purchase date or up to three years after the start date of the program, whichever is longer. The previous cutoff was four years after the original purchase date. Apple launched the program on May 21, 2019 after...
iphone x camera close

iOS 14.4 Will Introduce Warning on iPhones With Non-Genuine Cameras

Thursday January 14, 2021 8:07 am PST by
In the second beta of iOS 14.4 seeded to developers and public testers this week, MacRumors contributor Steve Moser has discovered code indicating that Apple will be introducing a new warning on iPhones that have had their camera repaired or replaced with aftermarket components rather than genuine Apple components. "Unable to verify this iPhone has a genuine Apple camera," the message will...
Apple TV Ray Light 2 Triad

Apple Extends Free Apple TV+ Trials Until July

Friday January 15, 2021 10:50 am PST by
Apple is once again planning to extend its free Apple TV+ trial subscriptions, this time until July. When Apple TV+ launched in November 2019, Apple offered free Apple TV+ subscriptions to those who purchased a new Apple device in or after September 2019. Those free subscriptions were set to expire in November 2020, but in October 2020, Apple announced that it was extending free trials...
mac pro mini feature

Apple Working on Two New Mac Pro Desktops, One of Which Will Be Reminiscent of Power Mac G4 Cube

Friday January 15, 2021 10:23 am PST by
Apple is developing two versions of the Mac Pro to succeed the Mac Pro that was first released in December 2019, according to a new report from Bloomberg. The first updated Mac Pro is a direct successor to the current Mac Pro and it will use the same design. It may also be equipped with Intel processors rather than Apple silicon chips, and it could be one of the sole machines in the Mac...
macbook pro magsafe

MagSafe is Coming Back to the Mac: A Look Back at Apple's Original Magnetic Charging Technology

Friday January 15, 2021 12:16 pm PST by
Surprise late night rumors last night provided us with our first in-depth look at what we can expect from the new MacBook Pro models that are coming in 2021, and there are some significant changes in the works. Along with additional ports, a new flat-edged design, and the removal of the Touch Bar, Apple's updated MacBook Pro machines will readopt MagSafe. MagSafe in the 2021 MacBook Pro...