Tag - FileVault
It's not as if you've got a PC. Yet if Macs and iOS are more secure than Windows and Android by design, that doesn't mean that you can't or shouldn't play your part in protecting yourself. We're not going to go screaming about a boogeyman, we're never going to recommend security software like Kaspersky's, which caused us more problems than they were supposed to fix, but we are going to be practical.
Apple has published a new white paper on FileVault 2, the whole-disk encryption and security tool first introduced in OS X 10.7 Lion. The document describes deployment methods for the technology and provides extensive information about the utility's architecture and implementation in OS X.
Apple has released a fourth preview of Mountain Lion Server to developers. The code is also listed as build 12S219n, and follows just a day after a third update of the main Mountain Lion preview. A number of known issues are listed in the Server preview; among others, there are several problems each in the use of FileVault, Time Machine, and Game Center.
Virtualization specialists VMWare have updated VMWare Fusion to version 4.1, which resolves a number of issues from v4.0 as well as bringing in new features including native full-screen support in Lion, "smart" full screen that is aware of multiple monitors, the return of a feature where favorite virtual machines are automatically loaded when Fusion starts up, support for FileVault 2 and significant graphics performance.
Japanese researchers today revealed that they have developed a crack that can break WPA (Wireless Protected Access) encryption on a Wi-Fi network within a minute. Kobe University's Masakatu Morii and Hiroshima University's Toshihiro Ohigashi together developed a practical attack that exploits a vulnerability in the Temporal Key Integrity Protocol, or TKIP, that underlines WPA. While not providing full details of the attack for security reasons, the new approach is much faster than a previous technique that took between 12 and 15 minutes to expose the network.
Apple is beginning to pave significant paths into the corporate world, says the research firm Yankee Group. Following a recent web survey of 750 global IT administrators and C-level executives, the firm says it has discovered that approximately four out of every five businesses have Macs running on their network. In general, says Yankee analyst Laura DiDio, adoption of Apple computers is said to be growing at a "steady and sustained pace not seen since the late 1980s."
A Georgia-born author, researcher and speaker who was due to deliver a speech about a new flaw in Apple's FileVault encryption system at the annual Black Hat hacker convention next week in Las Vegas will no longer be speaking at the event, according to a recent report. The encryption system is used in the Mac OS X v10.3 and newer operating systems. Charles Edge's scheduled presentation was pulled from the scheduled talks last week. Edge claims to have signed confidentiality agreements with Apple prevented him from delivering the address.
Security firm Sophos has published a new list of 10 recommendations, specifically on the topic of safeguarding MacBook data. The company notes that while Windows systems are more prone to attack as the more popular format, Macs are still vulnerable, particularly when mobile ones are brought out in public. In this regard the company notes that the best protection is to simply leave data or a computer at home, unless it is absolutely necessary. When browsing at a cafe, for instance, data can be stolen simply by reading over someone's shoulder.
Apple's FileVault is among the encryption technologies that may expose its secrets in RAM, suggests a paper produced at Princeton University. Through several experiments, computer scientists with Princeton discovered that many computers leave encryption data in RAM during two vulnerable states: powering down, and rebooting. While accessing data after power-down requires super-cooling the RAM and transferring it to another machine for examination, the reboot phase may be more easily exploitable.