[Fed-Talk] encryption exposes passwords
[Fed-Talk] encryption exposes passwords
- Subject: [Fed-Talk] encryption exposes passwords
- From: Todd Heberlein <email@hidden>
- Date: Sun, 06 May 2012 12:12:10 -0700
Oops.
Apple security blunder exposes Lion login passwords in clear text
With the latest Lion security update, Mac OS X 10.7.3, Apple has accidentally turned on a debug log file outside of the encrypted area that stores the user’s password in clear text.
Anyone who used FileVault encryption on their Mac prior to Lion, upgraded to Lion, but kept the folders encrypted using the legacy version of FileVault is vulnerable. FileVault 2 (whole disk encryption) is unaffected.
|
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden