The team at Komplicated loves Apple's Mac OS X. Our webcast is produced with Macs, our website is largely produced that way (maybe all of it, we don't know what A. Darryl Moton and Scott Wilson are out there doing computer wise, we respect their privacy). That said, Mac's new iteration, Lion? We're concerned. Here's yet another reason why …
According to Passware, a software provider, the latest edition of their password cracking forensic suite Passware Kit Forensic v11 can extract Mac OS X Lion user login passwords from the computer’s memory in a matter of minutes. The vulnerability occurs when the computer is in sleep mode. Passwords that are stored in the computer’s memory can be extracted using Passware’s software, which captures the computer’s memory via a FireWire connection and thus the passwords.
The passwords are able to be stolen regardless of strength or FileVault encryption. What’s more, the vulnerability is present in all the modern versions of Mac OS, including 10.6 Snow Leopard and 10.7 Lion. According to Passware, this security flaw has an easy fix, just turn the computer all the way off instead of putting it into sleep mode, and disable Automatic Login in settings.
Sure, the software in question costs a grand, which deters some people … but let's just say that paying for software isn't always a deterrent to casual thieves. Still … not cool, so remember to turn your machine off when you're not using it!