Back to Mobile View

Skip to Content

TUAW Deals

Security firm extracts Mac OS user login passwords over FireWire

OMG. Lock up your Mac now! Security firm Passware sent out a PR blast this morning noting that their $995 application Passware Kit Forensic v11 can retrieve Mac OS user login passwords, and they're saying that this "proves Mac OS Lion insecure."

The expensive app, which Passware will happily sell you for all of your forensic and password stealing needs, is used to connect a Windows machine running the software to a Mac via a FireWire connection. It can apparently "capture live Mac memory" and extracts passwords regardless of the strength of your password or use of FileVault encryption.

While Passware Kit Forensic could be extremely useful for law-enforcement and government officials, as well as network administrators in enterprises, it doesn't seem likely that a common criminal is going to purchase Passware Kit Forensic when they're much more likely to want to wipe the hard drive and sell a stolen Mac for fast cash.

Where this is a bit scary is in industrial or governmental espionage. Those are the situations where a thousand-dollar app would be chump change and the information that's stolen could make or lose billions of dollars. In those cases, Passware's president Dimitry Sumin notes "it is important to ensure physical security of the computer. One might also consider using additional encryption software."

As for the rest of us with information that isn't too important? There's an easy way to keep yourself safe -- just turn off your computer when it's not in use instead of putting it to sleep, and disable the Automatic Login setting. By doing this, passwords aren't present in memory and can't be recovered using Passware's software.

It's interesting that Passware didn't headline their press release with "Passware Proves Windows 7 Insecure..." since the same software easily retrieves passwords from that commonly used OS.