The Last HITB Security Conference in Malaysia

Hands-on Technical Trainings - 13th & 14th October

http://conference.hitb.org/hitbsecconf2014kul/#tile_schedule

Triple-Track Conference - 15th & 16th October

http://conference.hitb.org/hitbsecconf2014kul/conference-speakers/

 

Capture the Flag - 15th & 16th October

http://conference.hitb.org/hitbsecconf2014kul/capture-the-flag/

HackWEEKDAY - 15th & 16th October

http://conference.hitb.org/hitbsecconf2014kul/hackweekday/

CommSec Village - 15th & 16th October

http://conference.hitb.org/hitbsecconf2014kul/commsec-village/

REGISTER ONLINE NOW

Engineering mistake exposes Lion passwords in clear-text

http://en.wikipedia.org/wiki/Mac_OS_X_Lion

Apple's latest update to OS X contains a dangerous programming error that reveals the passwords for material stored in the first version of FileVault, the company's encryption technology, a software consultant said.

David I. Emery wrote on Cryptome that a debugging switch inadvertently left on in the current release of Lion, version 10.7.3, records in clear text the password needed to open the folder encrypted by the older version of FileVault.

Users who are vulnerable are those who upgraded to Lion but are using the older version of FileVault. The debug switch will record the Lion passwords for anyone who has logged in since the upgrade to version 10.7.3, released in early February. "This is what the secure FileVault partition was supposed to protect against after all," Emery said in an interview.