Are you an avid user of OS X’s FileVault encryption and running a recently updated version of Lion? It may be time to consider changing your passwords. According to security researcher David Emry, users who used FileVault prior to upgrading to 10.7.3 may be able to find their password in a system-wide debug log file, stored in plain text outside of the encrypted area. This puts the password at risk of being read by other users or enterprising cyber criminals, Emry explains, and even opens the door for new flaw-specific malware. FileVault 2, on the other hand, seems to be unaffected by the bug. The community doesn’t currently have a way to fight the flaw, so users rushing to change their password now may find it being logged as well. Obviously, we’ll let you all know once we hear back from Apple regarding this matter.

OS X Lion update accidentally outs user passwords in plain text, stumbles over FileVault originally appeared on Engadget on Sun, 06 May 2012 12:55:00 EDT. Please see our terms for use of feeds.

Permalink   |  ZDNet  | Email this | Comments

Popular Posts:

• Installing Virtue OLED Board & Laser Eyes in Dye DM9 Paintball Gun
• Bridging Digital and Physical Worlds With SixthSense
• Official Angry Birds 3 Star Walkthrough Theme 3 Levels 1-5
• HTC Schubert
• Sketching Out a Future for the Stylus

Incoming search terms:

• All Rights Reserved Use of our service is protected by our Privacy Policy and Terms of Service running shoe reviews
• powered by SMF water quality
• shebang tv passwords
• All Rights Reserved Use of our service is protected by our Privacy Policy and Terms of Service bingo download free game
• Powered by Article Dashboard water quality lab
• Powered by Article Dashboard a farewell to arms mp3
• Powered by Article Dashboard degree in business management
• All Rights Reserved Use of our service is protected by our Privacy Policy and Terms of Service avid video editing
• powered by SMF division of water quality
• All Rights Reserved Use of our service is protected by our Privacy Policy and Terms of Service symbols in a farewell to arms

Related Posts:

• Microsoft Store hacked in India, passwords stored in plain text
• Kindle Fire HD 7 and 8.9 now available for pre-order in ‘over 170 countries’ (update: Appstore open in ‘nearly 200′)
• Google engineers found over half the bugs in Microsoft’s latest security update
• Egyptian court suspends YouTube for a month over controversial film (Update: Google statement)
• Egyptian court suspends YouTube for a month over controversial film (Update: Google statement)