Bugtraq mailing list archives
Re: Loginwindow.app and Mac OS X
From: Matt Johnston <matt () ucc asn au>
Date: Fri, 29 Feb 2008 11:54:02 +0900
On Thu, Feb 28, 2008 at 06:28:51PM -0800, Jacob Appelbaum wrote:
oc photon wrote:n Thu, Feb 28, 2008 at 1:56 PM, Jacob Appelbaum <jacob () appelbaum net> wrote:Moin moin Bugtraq readers, Bill Paul and I have discovered that LoginWindow.app doesn't clear credentials after a user is authenticated.This has already been discovered in 2004. While the author only looks at swap files, it is obvious that this is the same bug. http://seclists.org/bugtraq/2004/Jun/0417.htmlThanks for the heads up. It's very possible that this is the same bug but obviously we found it in a different context. It surely seems like it may be the original that Apple would not discuss with us. The bug number it was duped against was over 2 million bugs prior. Does that sound like Apple knew about this for nearly _4_ years (!) and didn't do anything about it? That's seriously pathetic if it's actually that case!
I reported it a little while after mailing bugtraq, was given bug ID #3728773 which was marked as a duplicate of #3711425 (both after your duplicate of #3250780). Keep in mind that the increment of millions probably includes all kinds of automated bug submissions. As an aside to grabbing secrets from sleeping machines, OS X's "secure virtual memory" will encrypt the hibernate image (good) but then seems to store the key in a nvram variable. So that'd be another avenue of attack I guess. Matt
Current thread:
- Loginwindow.app and Mac OS X Jacob Appelbaum (Feb 28)
- Re: Loginwindow.app and Mac OS X oc photon (Feb 29)
- Re: Loginwindow.app and Mac OS X Jacob Appelbaum (Feb 29)
- Re: Loginwindow.app and Mac OS X Matt Johnston (Feb 29)
- Re: Loginwindow.app and Mac OS X Jacob Appelbaum (Feb 29)
- Re: Loginwindow.app and Mac OS X oc photon (Feb 29)