New 'white paper' added to growing list of educational docs
Apple has published a new white paper on FileVault 2, the whole-disk encryption and security tool first introduced in OS X 10.7 Lion. The document describes deployment methods for the technology and provides extensive information about the utility's architecture and implementation in OS X.
Known issues include problems with FileVault, Time Machine
Apple has released a fourth preview of Mountain Lion Server to developers. The code is also listed as build 12S219n, and follows just a day after a third update of the main Mountain Lion preview. A number of known issues are listed in the Server preview; among others, there are several problems each in the use of FileVault, Time Machine, and Game Center.
Native Lion full-screen mode now available
Virtualization specialists VMWare have updated VMWare Fusion to version 4.1, which resolves a number of issues from v4.0 as well as bringing in new features including native full-screen support in Lion, "smart" full screen that is aware of multiple monitors, the return of a feature where favorite virtual machines are automatically loaded when Fusion starts up, support for FileVault 2 and significant graphics performance.
WPA 1 Minute Hack
Japanese researchers today revealed that they have developed a crack that can break WPA (Wireless Protected Access) encryption on a Wi-Fi network within a minute. Kobe University's Masakatu Morii and Hiroshima University's Toshihiro Ohigashi together developed a practical attack that exploits a vulnerability in the Temporal Key Integrity Protocol, or TKIP, that underlines WPA. While not providing full details of the attack for security reasons, the new approach is much faster than a previous technique that took between 12 and 15 minutes to expose the network.
Apple gains corp. traction
Apple is beginning to pave significant paths into the corporate world, says the research firm Yankee Group. Following a recent web survey of 750 global IT administrators and C-level executives, the firm says it has discovered that approximately four out of every five businesses have Macs running on their network. In general, says Yankee analyst Laura DiDio, adoption of Apple computers is said to be growing at a "steady and sustained pace not seen since the late 1980s."
Black Hat speech canned
A Georgia-born author, researcher and speaker who was due to deliver a speech about a new flaw in Apple's FileVault encryption system at the annual Black Hat hacker convention next week in Las Vegas will no longer be speaking at the event, according to a recent report. The encryption system is used in the Mac OS X v10.3 and newer operating systems. Charles Edge's scheduled presentation was pulled from the scheduled talks last week. Edge claims to have signed confidentiality agreements with Apple prevented him from delivering the address.
10 MacBook data theft tips
Security firm Sophos has published a new list of 10 recommendations, specifically on the topic of safeguarding MacBook data. The company notes that while Windows systems are more prone to attack as the more popular format, Macs are still vulnerable, particularly when mobile ones are brought out in public. In this regard the company notes that the best protection is to simply leave data or a computer at home, unless it is absolutely necessary. When browsing at a cafe, for instance, data can be stolen simply by reading over someone's shoulder.
FileVault RAM hack
Apple's FileVault is among the encryption technologies that may expose its secrets in RAM, suggests a paper produced at Princeton University. Through several experiments, computer scientists with Princeton discovered that many computers leave encryption data in RAM during two vulnerable states: powering down, and rebooting. While accessing data after power-down requires super-cooling the RAM and transferring it to another machine for examination, the reboot phase may be more easily exploitable.