Didn't they say that your new password would be logged as well? Sent from my iPhone On May 6, 2012, at 1:24 PM, Scott Howell <scottn3byy@xxxxxxxxx> wrote: > Hmmm, very interesting. I do not use File Vault on my MIni, but have > considered it for my MBP. Although I have not looked to far into this I > gather changing the password is the easy fix, so at least it does not require > some serious hackery to the OS. > > On May 6, 2012, at 3:14 PM, David Hilbert Poehlman wrote: > >> == OS X Lion update accidentally outs user passwords in plain text, stumbles >> over FileVault == >> http://www.engadget.com/2012/05/06/os-x-lion-update-accidentally-outs-user-passwords-in-plain-text/ >> (from Engadget) >> >> Are you an avid user of OS X's FileVault encryption and running a recently >> updated version of Lion? It may be time to consider changing your passwords. >> According to security researcher David Emry, users who used FileVault prior >> to upgrading to 10.7.3 may be able to find their password in a system-wide >> debug log file, stored in plain text outside of the encrypted area. This >> puts the password at risk of being read by other users or enterprising cyber >> criminals, Emry explains, and even opens the door for new flaw-specific >> malware. FileVault 2, on the other hand, seems to be unaffected by the bug. >> The community doesn't currently have a way to fight the flaw, so users >> rushing to change their password now may find it being logged as well. >> Obviously, we'll let you all know once we hear back from Apple regarding >> this matter.OS X Lion update accidentally outs user passwords in plain text, >> stumbles over FileVault originally appeared on Engadget on Sun, 06 May 2012 >> 12:55:00 EDT. Please see our terms for use of feeds.Permalink | ZDNet | >> Email this | Comments >> >> >> >> -- >> Jonnie Appleseed >> With His >> Hands-On Technolog(eye)s >> Touching The Internet >> Reducing Technology's disabilities >> One Byte At A Time >> >> ************ >> >> >> You are subscribed to the mac4theblind mailing list. >> >> >> The url for this list, where one can unsubscribe or make any changes to >> their list subscription is: >> >> //www.freelists.org/list/mac4theblind >> >> The list archive is located at >> >> //www.freelists.org/archive/mac4theblind/ >> >> All emails intended for the list owner can be sent to: >> >> john@xxxxxxxxxxxxxxxxxx >> > > ************ > > > You are subscribed to the mac4theblind mailing list. > > > The url for this list, where one can unsubscribe or make any changes to > their list subscription is: > > //www.freelists.org/list/mac4theblind > > The list archive is located at > > //www.freelists.org/archive/mac4theblind/ > > All emails intended for the list owner can be sent to: > > john@xxxxxxxxxxxxxxxxxx > ************ You are subscribed to the mac4theblind mailing list. The url for this list, where one can unsubscribe or make any changes to their list subscription is: //www.freelists.org/list/mac4theblind The list archive is located at //www.freelists.org/archive/mac4theblind/ All emails intended for the list owner can be sent to: john@xxxxxxxxxxxxxxxxxx