Panther Keeps passwords in swap

Type this into a terminal window:

sudo strings -8 /var/vm/swapfile0 |grep -A 4 -i longname

Turns out that Apple is keeping the keychain password in clear text in the swap file. Sure, you need to be root to run strings on it, but you could just pull the power on the machine while it's running, boot it into FireWire target mode from your laptop, and read away. Not a big deal, you may say, as someone would have to be at the computer or have root access to exploit this. But your keychain and FileVault are exposed to anyone who can shut down and reboot your machine. That's bad.


Posted by Joe Mullins at July 15, 2004 09:41 AM
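A password only reaches the swap file if the pages holding it get paged out, so the usual application-side mitigation is to pin those pages in RAM with mlock() and zero them as soon as the secret is no longer needed. The following is an added example, not code from this post or from Apple; the secret_buf type, the secret_* function names and the sample passphrase are made up for illustration.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1            /* exposes MAP_ANON on glibc */
#endif
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

typedef struct {                     /* hypothetical helper type for this example */
    unsigned char *buf;              /* start of the mapping, NULL when unused */
    size_t len;                      /* mapping size, a whole number of pages */
    int locked;                      /* 1 if mlock() worked (RLIMIT_MEMLOCK can make it fail) */
} secret_buf;

/* Map private anonymous pages for the secret and ask the kernel not to swap them. */
int secret_alloc(secret_buf *s, size_t want) {
    long page = sysconf(_SC_PAGESIZE);
    if (page <= 0 || want == 0) return -1;
    size_t len = (want + (size_t)page - 1) / (size_t)page * (size_t)page;
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANON, -1, 0);
    if (p == MAP_FAILED) return -1;
    s->buf = p; s->len = len;
    s->locked = (mlock(p, len) == 0);   /* caller decides what to do if this is 0 */
    return 0;
}

/* Zero through a volatile pointer so the compiler cannot drop the stores. */
void secret_wipe(secret_buf *s) {
    volatile unsigned char *v = s->buf;
    for (size_t i = 0; i < s->len; i++) v[i] = 0;
}

/* Wipe first, then unlock and unmap, so no copy survives in released memory. */
void secret_free(secret_buf *s) {
    if (s->buf == NULL) return;
    secret_wipe(s);
    if (s->locked) munlock(s->buf, s->len);
    munmap(s->buf, s->len);
    s->buf = NULL; s->len = 0; s->locked = 0;
}

int main(void) {
    secret_buf s = {0};
    if (secret_alloc(&s, 64) != 0) return 1;
    memcpy(s.buf, "constructed-sample-passphrase", 30);  /* constructed value */
    printf("locked in RAM: %s\n", s.locked ? "yes" : "no");
    secret_free(&s);
    return 0;
}
```

mlock() only keeps these particular pages out of swap. Copies of the password made elsewhere in the process (a GUI text field, for instance) and suspend-to-disk images are not covered.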
Comments

Thanks for posting this.

The illusion that OS X is somehow a wonderfully secure environment needs to be shattered in a graceful way.

Before some virus or trojan smashes the illusion in a destructive manner.

Posted by: Mr. Kahn at July 16, 2004 01:08 PM

Not that it means anything, but I had to sift through pages (no pun intended) of data and still couldn't find any of my passwords... only tried on Tiger (*already* my primary OS!)

Posted by: Nate Friedman at July 19, 2004 12:45 AM
