Great. Trivial hack gives any Lion user admin access
Summary: A security blog has posted a relatively simple way to crack Lion passwords - even from non-admin accounts.
Just when you thought it was safe to go on the prowl with Lion, it turns out that it could actually turn against you and m... ok, enough with the Lion metaphors.
There's a new, and potentially nasty vulnerability in Apple's Mac OS X Lion -- the company's exclusively-Internet-distributed major OS upgrade. It turns out the Apple should have probably put a few more QA engineers on the product.
Sunday night security blog "Defence in Depth" wrote that it's trivial to crack Lion passwords -- even from non-admin accounts.
In late 2009, the security blog "Defence in Depth" covered a method for cracking OS X passwords where users could extract the password hash for other users on the system; however, doing this ultimately required admin privileges. The post outlined that technically on systems prior to OS X 10.7 that user passwords could be extracted, but this ultimately could only be done by people with administrative passwords. Recently the blog outlined the new findings in Lion, where this can now be done by nonadmin users.
Tip of the hat to Topher Kessler (one of my countrymen at CNET) for uncovering this new Lion threat.
Apple, you're on the clock.
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
RE: Great. Trivial hack gives any Lion user admin access
I havent built an OS...
so if you have and yours was perfect, you might have some grounds for picking at flaws of a complex design. You have a lesser tally of flaws in Windows? with the same time in market? Most people are savy enough to wait on major upgrades anyway. Cheers
RE: Great. Trivial hack gives any Lion user admin access
RE: Great. Trivial hack gives any Lion user admin access
RE: Great. Trivial hack gives any Lion user admin access
RE: Great. Trivial hack gives any Lion user admin access
OS X was never designed to be a networked multi-user OS
MacOS is a single user, non networked OS with a bunch of patches and bandaids and security added on as an afterthought. That is why knowing 1 password on an OS X box is enough to get access to any other password on OS X.
Apple makes great hardware but their software is truly terrible.
RE: Great. Trivial hack gives any Lion user admin access
Their software is ancient. Mac OS X hasn't been fundamentally modified in at least century.
Where do you get this stuff?
For the sake of folks who might otherwise be confused by your post, the OLD MacOS (pre-OSX) was a single-user OS ... but it actually was designed with networking from the start (AppleTalk). In fact, to the best of my knowledge, it was the first desktop computer with true built-in networking (beyond a dial-up modem). Of course, since it had no underlying command-line interface, it was virtually impossible to hack -- you couldn't send it commands.
OS X, on the other hand, is built on BSD Unix, which is one of the longest-running variants of Unix and has had TCP/IP networking baked in since at least 1983 and was actually used widely by the US Government, military and colleges and universities for building out the ARPANET (that thing we call the internet, today). But obviously the three decades of history that proves that OS X is actually a networked OS is incorrect. They just haven't updated the historical records yet to set things straight.
Were I to be petty at this point, I might ask: And what role did Windows have in building out the internet? But since Windows didn't even exist in the mid-80s, that would be silly of me to ask such a question. It would be even more silly, since Windows didn't even come with TCP/IP built-in until Win3.1 in 1992.
Ohh ... I get it! YOU were the one who was confused, because history clearly shows that it was actually MS-DOS and Windows that were designed as single-user, non-networked desktop systems. Nevermind.
Get your facts right please...
MacOS X (10) is a derivative from NeXT Operating System, created on top of the Mach microkernel, with true BSD sockets and an enterprise class Object Oriented architecture.
That's the reasons you don't see stack overflows on Mac OS and that's also the reason the system is quite bullet proof.
On the other hand, having terminal access to ANY system opens lots of attack vectors, but those aren't the problem. The real problems are fly-bys and document macro trojans, since you don't know what happened until it's to late.
So next, get your fact right before you speak.
cosuna: Yes. Bulletproof.
"but those aren't the problem"
Of course they aren't.
"These aren't the massive security vulnerabilities you are looking for."
RE: Great. Trivial hack gives any Lion user admin access
Several people in the comments under the original story have stated that it worked for them, others say it didn't.
AFAIAC, if it works for one person, that's too much.
How long will it take for some devious miscreant to weaponize it and release it while Apple ignores, denies, then ultimately patches it?
What's the over/under on the # of days before the Apple patch is released? I'm setting the line at 7.
- Jason
Switch to Windows
RE: Great. Trivial hack gives any Lion user admin access
RE: Great. Trivial hack gives any Lion user admin access