Apple's Mac OS X 10.7 Lion has exploitable security flaws
Apple fans have always been very, very keen to brag about the security of their devices, sneering at everyone else with the kind of superiority normally found in investment bankers and the Roman Catholic church.
However, that confidence could well be taking a hit as security flaws have been spotted in Apple's Mac OS X 10.7 Lion, which basically would allow hackers to extract the password hashes of any system users and change their access codes without authorization.
Patrick Dunstan, who knows about these things and writes about them on the Security in Depth blog, says:
"It appears in the redesign of OS X Lion's authentication scheme a critical step has been overlooked. Whilst non-root users are unable to access the shadow files directly, Lion actually provides non-root users the ability to still view password hash data."
Apparently, the data can be extracted from directory services by invoking the dscl command with a /Search/ path like this: dscl localhost -read /Search/Users/[user]. For your trouble, you'll get a "dsAttrTypeNative:ShadowHashData" section with the password hash.
Using the same dscl tool could also enable someone to change the password of the currently active user, which is no good is it?
Mercifully, this means absolutely nothing to most people, but then again, hackers aren't most people are they? They have see-through skin and a jaded sexual appetite for starters.