CATEGORIES
home News

Passware Kit v11 Snatches OSX Passwords In Minutes

by Marco ChiappettaThursday, July 28, 2011, 06:39 PM EDT

Whether true or not, Apple’s Mac OSX is typically perceived as being more secure than Windows. But according to Passware, Inc., a leading maker of password recovery and e-Discovery software for Federal and State agencies, law enforcement, and military organizations, among many other corporate clients, OSX has its fair share of vulnerabilities too. In fact, according to Passware, a recent vulnerability found in OSX—including the latest “Lion” release—allows the company’s Passware Kit to ascertain even complex passwords in a matter of minutes.

The tool exploits a vulnerability in the OS when a system with Automatic Login enabled is put into sleep mode. Although precise details of the exploit aren’t explained, apparently passwords are stored in memory when a system is put to sleep, and by using a Mac’s Firewire port, which has Direct Memory Access, the target system’s memory image—passwords and all—can be grabbed when the system goes to sleep. Once the memory image has been copied, Passware’s tools can then scan it and extract the passwords.

Although this exploit may sound somewhat severe, there is an easy way to protect affected OSX-based systems. Simply disabling the Automatic Login feature and shutting the system down eliminates the security risk, because the passwords will no longer be stored in system memory and therefore cannot be extracted using Passware’s tools.


Passware Kit For Windows Shown. Image Source: Passware, Inc.

This latest news out of Passware centers around OSX, but it’s important to note that the company has numerous tools to extract or rest passwords for virtually every major OS and a myriad of popular applications, designed for both personal and enterprise use. The full title of the news release mentions Windows and Linux in fact and claims, “Passware Kit v11 Recovers Mac User Login Passwords in Minutes and Cracks Windows/Linux Hash Passwords”.

Even for the non-tech savvy user, just looking at Passware’s arsenal should tell you that where there’s a will, there’s a way. If someone with the means and the know how to snatch your data wants it, there’s usually a way to get it.

Tags:  security, Passwords, Enterprise, Crack, exploit, Passware, Mac OSX
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment