Apple in hot water over Mac security lapse

Advertisement
By NDTV Correspondent | Updated: 5 June 2012 12:40 IST
Highlights
  • Reports indicate of a possible oversight on Apple engineers' behalf that potentially exposes the user's password in clear-text.
If April was bad for Apple on the security front, May seems to offer little respite. Reports indicate of a possible oversight on Apple engineers' behalf that potentially exposes the user's password in clear-text.

The problem is related to FileVault, the file encryption technology that ships with Apple's Mac operating system, specifically Macs using the FileVault encryption version that shipped pre-Lion. According to David I Emery, who reported the issue on a mailing list, every time the user's FileVault protected home-directory is mounted via the network, the user's password in logged to a file in clear-text.

This type of logging is common when developers are testing code internally, but shipping this in production or user-facing code is unacceptable. This log file, and thus the password, is accessible to any user with root or admin privileges. With access to the password, the root or admin user can now see contents of the user's FileVault encrypted folder.

The issue, first reported on May 5th, affects Mac users who moved their FileVault encrypted folders to Lion from legacy versions of Mac OS X. Users utilizing Lion's Filevault 2 (whole disk encryption) remain unaffected.

As per Emery, the bug was introduced with Mac OS Lion 10.7.3 update in early February. Apple has not released any comment confirming or denying the problem till date.

April saw over 550,000 Macs affected by Flashback trojan, with Apple scrambling to check the spread and release a fix. Later security major Trend Micro released a damning report, citing Apple's poor security record in Q1 2012.

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Amazon Prime Day Sale: Early Deals on Smartphones From Top Brands Revealed
  2. Amazon Prime Day 2026 Sale: Top Deals on Smartphones Under Rs. 50,000
  3. Here's Our First Look of the Nothing Phone 4b 'RCB Edition' Variant
  4. Here's When the Redmi Note 17 Series Will Launch: See Expected Features
  5. Alienware 15 Arrives in India as Dell's Most Affordable Gaming Laptop Yet
  6. Flipkart GOAT Sale: Top Early Deals on Smartphones, Tablets and More
  7. Garmin Forerunner 70, Forerunner 170, Forerunner 170 Music Debut in India
  8. iPhone 18 Pro Max Might Arrive With Apple's Biggest Battery Yet
  9. iQOO Z11i Launched With 6,500mAh Battery, Snapdragon 4 Gen 2: See Price
  1. Asus Vivobook 15 With Intel Core 5 Series 3 CPU Launched in India: Price, Features
  2. Bitcoin Climbs Above $61,600 as Weak US Jobs Data Boosts Crypto Investor Sentiment
  3. iPhone 18 Pro Max Might Arrive With Apple's Biggest Smartphone Battery to Date, Latest Leak Suggests
  4. Vivo X500 Camera Specifications Leaked; 64-Megapixel Periscope Telephoto Camera Tipped
  5. Lenovo Legion Y700 AI Tablet Confirmed to Launch in August; Company Teases Gaming Tablet's Design
  6. iPhone 18 Pro to Feature Apple's C2 Modem Globally, Qualcomm Chip in the US: Report
  7. Xbox Will Reportedly Allow Users to Digitise Physical Games, Ship Project Helix Without Disc Drive
  8. Fire-Boltt's First Smartphone May Be Called Boltt Evo 4G, Tipster Claims; Key Specifications Leak
  9. iQOO Z11i Launched With 6,500mAh Battery, Snapdragon 4 Gen 2 Chip: Price, Specifications
  10. Huawei Band 11 Series Launched in India With 1.62-Inch Display, Over 100 Workout Modes: Price, Features
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.