vault

A security hole has recently been found in the latest version of OS X 10.7.3, through which a user's password may be written to a log file in plain text if that person is using the older legacy FileVault data encryption technology from past versions of OS X.

While the hole may be a problem for a certain group of people who still use the legacy encryption scheme, there are several things that can be done about it.

The hole happened when an Apple software engineer apparently left a debugging flag enabled in the production release of … Read more

MacFixIt Answers is a feature in which we answer questions e-mailed in by our readers.

This week people wrote in with questions managing a persistent warning in Web browsers about local storage when browsing YouTube, what to do about an encrypted hard drive for which you do not have the recovery key or password, managing a bluetooth mouse that keeps losing its connection, and a reader suggestion for a file quarantining bug in OS X Lion. We welcome alternative approaches and views from readers, so if you have any suggestions or alternative approaches to these problems, then post them in … Read more

When a problem arises in OS X because of a software configuration error, often one troubleshooting step to take for clearing the issue or at least investigating it further is to boot into Safe Mode; however, sometimes Safe Mode may not work.

Booting to Safe Mode in OS X is done by holding the Shift key at startup, which triggers a minimal boot environment where only basic Apple-supplied extensions and services are loaded. This will help you determine if problems are happening from peripheral devices or third-party extensions such as those supplied by some security software packages. In addition to … Read more

MacFixIt Answers is a feature in which we answer questions e-mailed in by our readers.

This week people wrote in with questions about the best way to move data from an old user account to a new one, the purpose for the key given to you when you enable FileVault, and how to add new menu extras to the menu bar. Others asked how to manage exceptionally large virtual memory used by programs, and how best to move an OS installation to a new partition. We welcome alternative approaches and views from readers, so if you have any suggestions, post … Read more

Apple's FileVault technology is a method of automatically encrypting your files so you do not have to worry about data theft should your system be stolen. In its first iteration FileVault was just used to encrypt the user's home directory, but in OS X Lion Apple introduced a second-generation full-disk encryption scheme that has been dubbed FileVault 2.

Many people who are considering using FileVault 2 have been asking about questions such as whether or not the encryption is needed, and expressing concerns about its security.

Yesterday's news of Passware's ability to decrypt FileVault-encrypted Macs in under an hour may have some people concerned about what this means for Mac security. After all, the purpose of encryption is to keep people from easily accessing the data on your drive, and yet Passware shows that in the hands of a capable person, your drive's encrypted contents might quite easily be uncovered.

Security experts speculate that the 128-bit XTS-AESW encryption used in FileVault would take millions of years to crack with a brute-force approach, so while Passware's approach clearly does not employ a brute-force … Read more

One of the welcome features in OS X Lion was the replacement of Apple's first-generation FileVault file encryption technology, which only encrypted the home folder, with a new whole-disk encryption approach.

Unlike the first FileVault, which required a number of workarounds and still had compatibility problems with various programs and utilities, the new technology is transparent to the operating system and enhances security since it not only encrypts user data but also all other data on the drive, including system caches, application files, and system configuration files that might contain some personal information.

FileVault 2 requires the hard drive … Read more

Hackers in China have found a way to infiltrate supposedly secure smart cards used by U.S. government employees, according to security company AlienVault.

The security firm said it has seen dozens of such attacks, which tap into a unique variant of a nasty bit of malware known as Sykipot.

The hackers appear intent on stealing data from the Department of Defense and other related agencies. The malware is capable of capturing the PIN numbers used by government smart cards, thereby allowing access to supposedly secure information.

"Like we have shown with previous Sykipot attacks, the attackers use a … Read more

With almost 550,000 active apps in the iTunes App Store, you get plenty of variation, and one developer continues to release games that are downright silly.

Many iPhone gamers will probably remember Justin Smith's Enviro-Bear 2010 (99 cents) from Captain Games. When the game came out in 2009, our Mac and iOS freelance reviewer, Paul Hughes, started the review by saying, "Enviro-Bear 2010 is part game, part joke, part art piece, and part game-design experiment." In Enviro-Bear 2010, the premise is that you are a bear getting ready to hibernate and you must drive a car … Read more