Apple's latest update to OS X contains a dangerous programming error that reveals the passwords for material stored in the first version of FileVault, the company's encryption technology, a software consultant said.
David I. Emery wrote on Cryptome that a debugging switch inadvertently left on in the current release of Lion, version 10.7.3, records in clear text the password needed to open the folder encrypted by the older version of FileVault.
1Password is a popular password service which offers apps and browser plug-ins for a number of platforms, including Mac, Windows, iOS and Android. The service automatically generates strong, unique passwords whenever a login is needed, keeping them in a keychain under a master password. Once authorized, 1Password can then automatically fill in user names and passwords when needed without the user having to know the often complex passwords created for maximum security.
Macs have been relatively safe from the kind of viruses that plagued Windows users through the last couple decades. But once it was revealed that a variation of Flashback was able to create a botnet of more than half a million Macs thanks to an unpatched Java vulnerability users stood up and took notice. OS X has largely been free of viruses and worms up to this point, but that still doesn't stop unsuspecting users from being tricked into typing an admin password into a cleverly (or, sometimes, not-so-cleverly) disguised installer.
Hard on the heels of the Flashback Trojan, Kaspersky Labs is warning of a new OSX threat, which it’s dubbed Backdoor.OSX.SabPub.a.
In a post to Securelist, Kaspersky’s Costin Raiu says the Trojan connects to a command and control server hosted on a Californian-based VPS associated with the Onedumb.com free DNS.
A Russian security firm says it's found an alarming 600,000 OS X machines infected with the Flashback trojan.
The firm, called Dr Web, first said that it had found half a million infected computers but later upped the number in a tweeted message, where it added that some of the bots are in Cupertino.