Re: [Fed-Talk] Mac keychain vulnerability
- Subject: Re: [Fed-Talk] Mac keychain vulnerability
- From: Ron Colvin <email@hidden>
- Date: Thu, 28 Sep 2017 08:07:22 -0400
I do think the lock when sleeping and lock after x minutes of activity
could be improved so that they would be more useful to mitigate the
risk. A flood of keychain unlock prompts from aware applications after
the keychain locks does not encourage those controls' use.
On 9/28/17 7:55 AM, Dave Schroeder wrote:
You probably didn't see a post for the reasons you said...it's been known for a while and
impacts multiple versions of macOS. This "disclosure" was done (and timed with
High Sierra release) for publicity, and misrepresents the nature of the threat.
Dave
On Sep 27, 2017, at 5:38 PM, Ron Colvin <email@hidden> wrote:
https://arstechnica.com/information-technology/2017/09/password-theft-0day-imperils-users-of-high-sierra-and-earlier-macos-versions/
I was surprised I had not seen a post.
This is not a "new" vulnerability. Password exports from unlocked keychains have
been a known issue to some for a while. It is mentioned in the CIS Benchmarks with
keychain lock controls.
--
********************************************************
Ron Colvin CISSP, CAP, CEH
Certified Security Analyst
NASA OCIO ITSD Analyst
<email@hidden>
Cell 240-472-1633
NASA Jabber (email@hidden) AIM rcolvin13
NASA Skype (email@hidden)
********************************************************
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden