Passware, which develops tools for recovery of passwords, has launched one that allows steal passwords of a Mac locked or idle you use Mac OS X Lion, simply by plugging another computer into the port Firewire of the Mac. This attack technique is several years old and the only sure way to defend yourself is to turn off the Mac.
Passware, which has facilities in Moscow and is headquartered in California, comments that Passware Kit Forensic v11 analyzes the active memory of the Mac via Firewire. Firewire is a serial interface developed in the 1980s by Manzana. At Sony it is known as i.LINK and was standardized as IEEE 1394.
If the device is on and you have logged in at least once, Passware may extract passwords in a few minutes, even if the computer is locked or idle. Can even extract passwords keychain Mac regardless of the safety of the password and even if FileVault data encryption is used.
The issue affects all modern versions of Mac OS, including Snow leopard Y Lion. Since Manzana have not yet ruled on this security breach of their systems.
In Passware warn that there is an easy solution to this problem: turn off the computer, thereby erasing the passwords from the computer memory. They also recommend disabling the remember option password, a basic security mechanism.
The software Passware Kit Forensic v11 It is priced at 860 EUR with one year of free updates.
