Passware Kit v11 Snatches OSX Passwords In Minutes
Whether true or not, Apple’s Mac OSX is typically perceived as being more secure than Windows. But according to Passware, Inc., a leading maker of password recovery and e-Discovery software for Federal and State agencies, law enforcement, and military organizations, among many other corporate clients, OSX has its fair share of vulnerabilities too. In fact, according to Passware, a recent vulnerability found in OSX—including the latest “Lion” release—allows the company’s Passware Kit to ascertain even complex passwords in a matter of minutes.
The tool exploits a vulnerability in the OS when a system with Automatic Login enabled is put into sleep mode. Although precise details of the exploit aren’t explained, apparently passwords are stored in memory when a system is put to sleep, and by using a Mac’s Firewire port, which has Direct Memory Access, the target system’s memory image—passwords and all—can be grabbed when the system goes to sleep. Once the memory image has been copied, Passware’s tools can then scan it and extract the passwords.
Although this exploit may sound somewhat severe, there is an easy way to protect affected OSX-based systems. Simply disabling the Automatic Login feature and shutting the system down eliminates the security risk, because the passwords will no longer be stored in system memory and therefore cannot be extracted using Passware’s tools.
This latest news out of Passware centers around OSX, but it’s important to note that the company has numerous tools to extract or rest passwords for virtually every major OS and a myriad of popular applications, designed for both personal and enterprise use. The full title of the news release mentions Windows and Linux in fact and claims, “Passware Kit v11 Recovers Mac User Login Passwords in Minutes and Cracks Windows/Linux Hash Passwords”.
Even for the non-tech savvy user, just looking at Passware’s arsenal should tell you that where there’s a will, there’s a way. If someone with the means and the know how to snatch your data wants it, there’s usually a way to get it.