Overclock.net › Forums › Industry News › Software News › [BitTech] Apple goof opens FileVault hole in OS X
New Posts  All Forums:Forum Nav:

[BitTech] Apple goof opens FileVault hole in OS X - Page 3

post #21 of 57
Hahahahahahahaha.































Ha.
Main Rig.
(14 items)
 
Battlefield 2 review.
Battlefield 2 PC Game EA
 
CPUMotherboardGraphicsRAM
Bulldozer FX4100 Gigabyte GA-M68MT-S2 MSI 7770 Kingston Hyper X | 2 x 2 GB 
Hard DriveOptical DriveCoolingOS
WD 2 TB  LiteON DVD/CD R-W Drive AMD Standard cooler Windows 7 Ultimate 
MonitorKeyboardPowerCase
32' Luxor Full HD TV Microsoft comfort curce Antec 450 Watt OcUK Value case 
MouseAudio
Microsoft wireless mouse Logitech speakers & Bass 
  hide details  
Reply
Main Rig.
(14 items)
 
Battlefield 2 review.
Battlefield 2 PC Game EA
 
CPUMotherboardGraphicsRAM
Bulldozer FX4100 Gigabyte GA-M68MT-S2 MSI 7770 Kingston Hyper X | 2 x 2 GB 
Hard DriveOptical DriveCoolingOS
WD 2 TB  LiteON DVD/CD R-W Drive AMD Standard cooler Windows 7 Ultimate 
MonitorKeyboardPowerCase
32' Luxor Full HD TV Microsoft comfort curce Antec 450 Watt OcUK Value case 
MouseAudio
Microsoft wireless mouse Logitech speakers & Bass 
  hide details  
Reply
post #22 of 57
Quote:
Originally Posted by DuckieHo View Post

Debug mode.
I understand it is due to a debug mode, I haven't read the article thoroughly, but I'm assuming upon entry of the password it threw it into a debug log?
    
CPUMotherboardGraphicsRAM
i5 2500k Asus P8P67 XFX HD 6950 G.Skill 2x4GB 
CoolingOSPowerCase
CM Hyper 212+ Windows 7 / Linux Mint Seasonic S12ii 620 HAF 912 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i5 2500k Asus P8P67 XFX HD 6950 G.Skill 2x4GB 
CoolingOSPowerCase
CM Hyper 212+ Windows 7 / Linux Mint Seasonic S12ii 620 HAF 912 
  hide details  
Reply
post #23 of 57
Note "with physical access."
Alpha dawg
(11 items)
 
  
CPUMotherboardGraphicsRAM
i3 2100 Gigabyte z68ma-d2h-b3 GTX 460 Hawk 8GB DDR3 1600 
Hard DriveOptical DriveCoolingOS
WD Scorpio Blue  Asus  H60 Windows 7 64x 
MonitorPowerCase
Asus 24"  Antec neo eco 620W  Corsair 650D  
  hide details  
Reply
Alpha dawg
(11 items)
 
  
CPUMotherboardGraphicsRAM
i3 2100 Gigabyte z68ma-d2h-b3 GTX 460 Hawk 8GB DDR3 1600 
Hard DriveOptical DriveCoolingOS
WD Scorpio Blue  Asus  H60 Windows 7 64x 
MonitorPowerCase
Asus 24"  Antec neo eco 620W  Corsair 650D  
  hide details  
Reply
post #24 of 57
Thread Starter 
Quote:
Originally Posted by legojoey17 View Post

I understand it is due to a debug mode, I haven't read the article thoroughly, but I'm assuming upon entry of the password it threw it into a debug log?
It would have to be, right? Once salted hashed, it would not be able to decrypted, right? (A bit rusty on encryption.... actually reviewing it right now for a Java program at work. redface.gif )
Quote:
Originally Posted by van13330gg View Post

Note "with physical access."
Like everyone in your household or frat house? thumb.gif
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
post #25 of 57
Quote:
Originally Posted by DuckieHo View Post

It would have to be, right? Once salted hashed, it would not be able to decrypted, right? (A bit rusty on encryption.... actually reviewing it right now for a Java program at work. redface.gif )
Whether or not it was salted it won't be able to be decrypted. You may be able to brute force it, but you can't directly turn the hash back into a password which would be proper decryption. The main things a salt is useful for is to render rainbow tables useless to slow down the cracking process, and if the salt is hidden well to prevent direct brute forcing (Depending on what your working with this may or may not be feasible e.g. vBulletin salts are right beside the password hashes, the only purpose of them is the former).
    
CPUMotherboardGraphicsRAM
i5 2500k Asus P8P67 XFX HD 6950 G.Skill 2x4GB 
CoolingOSPowerCase
CM Hyper 212+ Windows 7 / Linux Mint Seasonic S12ii 620 HAF 912 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i5 2500k Asus P8P67 XFX HD 6950 G.Skill 2x4GB 
CoolingOSPowerCase
CM Hyper 212+ Windows 7 / Linux Mint Seasonic S12ii 620 HAF 912 
  hide details  
Reply
post #26 of 57
Quote:
Originally Posted by DuckieHo View Post

It was probably a debug mode. A developer working on the patch forgot to disable the mode before release.

This. I'd put money on it.
Foldatron
(17 items)
 
Mat
(10 items)
 
Work iMac
(9 items)
 
CPUMotherboardGraphicsGraphics
i7 950 EVGA x58 3-way SLI EVGA GTX 660ti GTX 275 
RAMHard DriveHard DriveHard Drive
3x2GB Corsair Dominator DDR3-1600 80GB Intel X25-M SSD 2TB WD Black 150GB WD Raptor 
Hard DriveOSMonitorKeyboard
2x 150GB WD V-raptor in RAID0 Win7 Home 64-bit OEM 55" LED 120hz 1080p Vizio MS Natural Ergonomic Keyboard 4000 
PowerCase
750W PC P&C Silencer CoolerMaster 690 
CPUGraphicsRAMHard Drive
Intel Core i5 2500S AMD 6770M 8GB (2x4GB) at 1333Mhz 1TB, 7200 rpm 
Optical DriveOSMonitorKeyboard
LG 8X Dual-Layer "SuperDrive" OS X Lion 27" iMac screen Mac wireless keyboard 
Mouse
Mac wireless mouse 
CPUGraphicsRAMHard Drive
i7-2600K AMD 6970M 1GB 16GB PC3-10600 DDR3 1TB 7200rpm 
Hard DriveOptical DriveOSMonitor
256GB SSD 8x DL "SuperDrive" OS X 10.7 Lion 27" 2560x1440 iMac display 
Monitor
27" Apple thunderbolt display 
  hide details  
Reply
Foldatron
(17 items)
 
Mat
(10 items)
 
Work iMac
(9 items)
 
CPUMotherboardGraphicsGraphics
i7 950 EVGA x58 3-way SLI EVGA GTX 660ti GTX 275 
RAMHard DriveHard DriveHard Drive
3x2GB Corsair Dominator DDR3-1600 80GB Intel X25-M SSD 2TB WD Black 150GB WD Raptor 
Hard DriveOSMonitorKeyboard
2x 150GB WD V-raptor in RAID0 Win7 Home 64-bit OEM 55" LED 120hz 1080p Vizio MS Natural Ergonomic Keyboard 4000 
PowerCase
750W PC P&C Silencer CoolerMaster 690 
CPUGraphicsRAMHard Drive
Intel Core i5 2500S AMD 6770M 8GB (2x4GB) at 1333Mhz 1TB, 7200 rpm 
Optical DriveOSMonitorKeyboard
LG 8X Dual-Layer "SuperDrive" OS X Lion 27" iMac screen Mac wireless keyboard 
Mouse
Mac wireless mouse 
CPUGraphicsRAMHard Drive
i7-2600K AMD 6970M 1GB 16GB PC3-10600 DDR3 1TB 7200rpm 
Hard DriveOptical DriveOSMonitor
256GB SSD 8x DL "SuperDrive" OS X 10.7 Lion 27" 2560x1440 iMac display 
Monitor
27" Apple thunderbolt display 
  hide details  
Reply
post #27 of 57
Spokesperson for Apple: That's our new shiny password recovery feature, you're holding it wrong, Apple is incapable of mistakes, here's a random lawsuit.
post #28 of 57
In all seriousness, this is getting ridiculous... They're starting to lose credibility in my eyes. Yes it was a mistake... that NEVER should have happened. Who dropped the ball testing it before release?

Apple needs to get their crap together if anyone; besides professionals (who use them for some [personal] reason), fanboys, and status seekers, are going to start taking them seriously...
Horizon
(15 items)
 
ToSHITa
(10 items)
 
 
CPUMotherboardGraphicsRAM
Intel Core I5 2500K Gigabyte GA-B75M-D3H XFX Radeon R9-280 Double Dissipation Corsair Vengance 16GB Dual Channel DDR3 
Hard DriveHard DriveHard DriveCooling
Crucial M500 120GB SSD WD BLACK SERIES WD1003FZEX 1TB 7200 RPM 64MB Ca... Western Digital WD Blue WD10EZEX 1TB 7200 RPM 6... Corsair H100 
OSMonitorMonitorKeyboard
Windows 7 Ultimate Edition Alienware Optx AW2210 Asus VS239 CM Storm QuickFire Rapid Cherry MX Brown 
PowerCaseMouse
NZXT Hale75 750W PSU Fractal Design Node 804 Logitech G700s 
CPUMotherboardGraphicsRAM
AMD Quad-Core A8-4500M Satellite L855D-S5114 Radeon™ HD 7640G Generic 4GB DDR3-1600MHz (PC3-12800) 
Hard DriveOptical DriveOSMonitor
Crucial M4 128GB SSD Generic DVD SuperMulti DVD-RAM (5x) Windows 10 Home (Hardcore Old-key Fresh Install... 15.6" Widescreen TruBrite TFT @ 1366x768 
PowerAudio
65W (19v 3.42a) 100-240/50-60Hz AC Adaptor SRS Premium Sound HD 
CPUMotherboardGraphicsRAM
Pentium Dual T2310 Gateway C Series Intel Accelerated Graphics 1024MB 
Hard DriveOSMonitorPower
80GB Linux Mint 12 Wacom Penabled 65W Power Brick 
  hide details  
Reply
Horizon
(15 items)
 
ToSHITa
(10 items)
 
 
CPUMotherboardGraphicsRAM
Intel Core I5 2500K Gigabyte GA-B75M-D3H XFX Radeon R9-280 Double Dissipation Corsair Vengance 16GB Dual Channel DDR3 
Hard DriveHard DriveHard DriveCooling
Crucial M500 120GB SSD WD BLACK SERIES WD1003FZEX 1TB 7200 RPM 64MB Ca... Western Digital WD Blue WD10EZEX 1TB 7200 RPM 6... Corsair H100 
OSMonitorMonitorKeyboard
Windows 7 Ultimate Edition Alienware Optx AW2210 Asus VS239 CM Storm QuickFire Rapid Cherry MX Brown 
PowerCaseMouse
NZXT Hale75 750W PSU Fractal Design Node 804 Logitech G700s 
CPUMotherboardGraphicsRAM
AMD Quad-Core A8-4500M Satellite L855D-S5114 Radeon™ HD 7640G Generic 4GB DDR3-1600MHz (PC3-12800) 
Hard DriveOptical DriveOSMonitor
Crucial M4 128GB SSD Generic DVD SuperMulti DVD-RAM (5x) Windows 10 Home (Hardcore Old-key Fresh Install... 15.6" Widescreen TruBrite TFT @ 1366x768 
PowerAudio
65W (19v 3.42a) 100-240/50-60Hz AC Adaptor SRS Premium Sound HD 
CPUMotherboardGraphicsRAM
Pentium Dual T2310 Gateway C Series Intel Accelerated Graphics 1024MB 
Hard DriveOSMonitorPower
80GB Linux Mint 12 Wacom Penabled 65W Power Brick 
  hide details  
Reply
post #29 of 57
Quote:
the flaw appears to only affect users who created FileVault home directories under versions of OS X prior to Lion and then subsequently upgraded; FileVault 2 with legacy mode disabled does not appear susceptible to the flaw.

Still embarrassing for the people who've used FileVault in previous releases though. I could see why a dev didn't notice this if they weren't using an upgraded machine in testing.
Edited by PoopaScoopa - 5/7/12 at 5:54pm
post #30 of 57
keep it clean in this thread guys...
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Software News
Overclock.net › Forums › Industry News › Software News › [BitTech] Apple goof opens FileVault hole in OS X