OS X Lion update accidentally outs user passwords in plain text, stumbles over FileVault
Highly rated gadgets
- 9.1 Apple iPhone XS Max
- 9.0 Panasonic LUMIX LX100 II
- 10.0 FujiFilm X-T3
- 8.0 BlackBerry Motion
- 10.0 Nikon Z 7
- 9.1 Apple iPhone XS
- 8.5 Xiaomi Mi A2
- 9.0 Sony WH-1000XM3
- 9.0 FujiFilm XF10
Are you an avid user of OS X's FileVault encryption and running a recently updated version of Lion? It may be time to consider changing your passwords. According to security researcher David Emry, users who used FileVault prior to upgrading to 10.7.3 may be able to find their password in a system-wide debug log file, stored in plain text outside of the encrypted area. This puts the password at risk of being read by other users or enterprising cyber criminals, Emry explains, and even opens the door for new flaw-specific malware. FileVault 2, on the other hand, seems to be unaffected by the bug. The community doesn't currently have a way to fight the flaw without disabling FileVault, so users ... »read more
More at: Engadget Add additional source
Filed in: Operating SystemsAppleMac OS X 10.7