[mac4theblind] Re: OS X Lion update accidentally outs user passwords in plain text, stumbles over FileVault

• From: Scott Howell <scottn3byy@xxxxxxxxx>
• To: mac4theblind@xxxxxxxxxxxxx
• Date: Sun, 6 May 2012 19:03:06 -0400

Correct. If you were using it you would have had to activate it. I will say 
that the protection is certainly worth it if you need to encrypt your entire 
disk. However, there are other options for encrypting individual files.
However, if you are interested, you can find the File Vault setting in System 
Preferences, Security, and select the File Vault tab.
For more information and a little history this will get you started, 
http://en.wikipedia.org/wiki/FileVault.

hth,

On May 6, 2012, at 6:13 PM, Sarah Alawami wrote:

> You probably do not use file vault. I don't use it at all. It is for those of 
> us who are in my mind crazy about incripting  ebverything so you probably 
> don't need to worry about it.
> On May 6, 2012, at 2:24 PM, dogstar172 wrote:
> 
>> Hello,
>> Being fairly new to mac how do I know if I used this vault? 
>> if the above is true then how does this issue get fixed?
>> Step by step instructions would be appreciated.
>> Angie 
>> On May 6, 2012, at 3:14 PM, David Hilbert Poehlman wrote:
>> 
>>> == OS X Lion update accidentally outs user passwords in plain text, 
>>> stumbles over FileVault ==
>>> http://www.engadget.com/2012/05/06/os-x-lion-update-accidentally-outs-user-passwords-in-plain-text/
>>> (from Engadget)
>>> 
>>> Are you an avid user of OS X's FileVault encryption and running a recently 
>>> updated version of Lion? It may be time to consider changing your 
>>> passwords. According to security researcher David Emry, users who used 
>>> FileVault prior to upgrading to 10.7.3 may be able to find their password 
>>> in a system-wide debug log file, stored in plain text outside of the 
>>> encrypted area. This puts the password at risk of being read by other users 
>>> or enterprising cyber criminals, Emry explains, and even opens the door for 
>>> new flaw-specific malware. FileVault 2, on the other hand, seems to be 
>>> unaffected by the bug. The community doesn't currently have a way to fight 
>>> the flaw, so users rushing to change their password now may find it being 
>>> logged as well. Obviously, we'll let you all know once we hear back from 
>>> Apple regarding this matter.OS X Lion update accidentally outs user 
>>> passwords in plain text, stumbles over FileVault originally appeared on 
>>> Engadget on Sun, 06 May 2012 12:55:00 EDT.  Please see our terms for use of 
>>> feeds.Permalink   |  ZDNet  | Email this | Comments
>>> 
>>> 
>>> 
>>> -- 
>>> Jonnie Appleseed
>>> With His
>>> Hands-On Technolog(eye)s
>>> Touching The Internet
>>> Reducing Technology's disabilities
>>> One Byte At A Time
>>> 
>>> ************
>>> 
>>> 
>>> You are subscribed to the mac4theblind mailing list.
>>> 
>>> 
>>>   The url for this list, where one can unsubscribe or make any changes to 
>>> their list subscription is:
>>> 
>>> //www.freelists.org/list/mac4theblind
>>> 
>>> The list archive is located at
>>> 
>>> //www.freelists.org/archive/mac4theblind/
>>> 
>>>   All emails intended for the list owner can be sent to:
>>> 
>>> john@xxxxxxxxxxxxxxxxxx
>>> 
>> 
>> ************
>> 
>> 
>> You are subscribed to the mac4theblind mailing list.
>> 
>> 
>>    The url for this list, where one can unsubscribe or make any changes to 
>> their list subscription is:
>> 
>> //www.freelists.org/list/mac4theblind
>> 
>> The list archive is located at
>> 
>> //www.freelists.org/archive/mac4theblind/
>> 
>>    All emails intended for the list owner can be sent to:
>> 
>> john@xxxxxxxxxxxxxxxxxx
>> 
> 
> ************
> 
> 
> You are subscribed to the mac4theblind mailing list.
> 
> 
>     The url for this list, where one can unsubscribe or make any changes to 
> their list subscription is:
> 
> //www.freelists.org/list/mac4theblind
> 
> The list archive is located at
> 
> //www.freelists.org/archive/mac4theblind/
> 
>     All emails intended for the list owner can be sent to:
> 
> john@xxxxxxxxxxxxxxxxxx
> 

************


You are subscribed to the mac4theblind mailing list.


     The url for this list, where one can unsubscribe or make any changes to 
their list subscription is:

//www.freelists.org/list/mac4theblind

The list archive is located at

//www.freelists.org/archive/mac4theblind/

     All emails intended for the list owner can be sent to:

john@xxxxxxxxxxxxxxxxxx

• References:
  • [mac4theblind] OS X Lion update accidentally outs user passwords in plain text, stumbles over FileVault
    • From: David Hilbert Poehlman
  • [mac4theblind] Re: OS X Lion update accidentally outs user passwords in plain text, stumbles over FileVault
    • From: dogstar172
  • [mac4theblind] Re: OS X Lion update accidentally outs user passwords in plain text, stumbles over FileVault
    • From: Sarah Alawami

Other related posts:

• » [mac4theblind] OS X Lion update accidentally outs user passwords in plain text, stumbles over FileVault- David Hilbert Poehlman
• » [mac4theblind] Re: OS X Lion update accidentally outs user passwords in plain text, stumbles over FileVault- Scott Howell
• » [mac4theblind] Re: OS X Lion update accidentally outs user passwords in plain text, stumbles over FileVault- Justin Harford
• » [mac4theblind] Re: OS X Lion update accidentally outs user passwords in plain text, stumbles over FileVault- dogstar172
• » [mac4theblind] Re: OS X Lion update accidentally outs user passwords in plain text, stumbles over FileVault- Sarah Alawami
• » [mac4theblind] Re: OS X Lion update accidentally outs user passwords in plain text, stumbles over FileVault - Scott Howell

1. Home
2. mac4theblind
3. Archive
4. 05-2012

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---