Passware Kit v11 Snatches OSX Passwords In Minutes

Whether true or not, Apple’s Mac OSX is typically perceived as being more secure than Windows. But according to Passware, Inc., a leading maker of password recovery and e-Discovery software for Federal and State agencies, law enforcement, and military organizations, among many other corporate clients, OSX has its fair share of vulnerabilities too. In fact, according to Passware, a recent vulnerability found in OSX—including the latest “Lion” release—allows the company’s Passware Kit to ascertain even complex passwords in a matter of minutes.

The tool exploits a vulnerability in the OS when a system with Automatic Login enabled is put into sleep mode. Although precise details of the exploit aren’t explained, passwords are apparently kept in memory when a system is put to sleep. Because a Mac’s FireWire port has Direct Memory Access, it can be used to grab the target system’s memory image, passwords and all, when the system goes to sleep. Once the memory image has been copied, Passware’s tools can scan it and extract the passwords.

Although this exploit may sound somewhat severe, there is an easy way to protect affected OSX-based systems. Simply disabling the Automatic Login feature and shutting the system down eliminates the security risk, because the passwords will no longer be stored in system memory and therefore cannot be extracted using Passware’s tools.


Passware Kit For Windows Shown. Image Source: Passware, Inc.

This latest news out of Passware centers around OSX, but it’s important to note that the company has numerous tools to extract or reset passwords for virtually every major OS and a myriad of popular applications, designed for both personal and enterprise use. The full title of the news release, in fact, mentions Windows and Linux and claims, “Passware Kit v11 Recovers Mac User Login Passwords in Minutes and Cracks Windows/Linux Hash Passwords.”

Even for the non-tech-savvy user, just looking at Passware’s arsenal should tell you that where there’s a will, there’s a way. If someone with the means and the know-how to snatch your data wants it, there’s usually a way to get it.

Marco Chiappetta

Marco's interest in computing and technology dates all the way back to his early childhood. Even before being exposed to the Commodore P.E.T. and later the Commodore 64 in the early ‘80s, he was interested in electricity and electronics, and he still has the modded AFX cars and shop-worn soldering irons to prove it. Once he got his hands on his own Commodore 64, however, computing became Marco's passion. Throughout his academic and professional lives, Marco has worked with virtually every major platform from the TRS-80 and Amiga, to today's high end, multi-core servers. Over the years, he has worked in many fields related to technology and computing, including system design, assembly and sales, professional quality assurance testing, and technical writing. In addition to being the Managing Editor here at HotHardware for close to 15 years, Marco is also a freelance writer whose work has been published in a number of PC and technology related print publications and he is a regular fixture on HotHardware’s own Two and a Half Geeks webcast. - Contact: marco(at)hothardware(dot)com