Apple Powerbook Security Control Panel
info, views, download, rating, security, insecure
Information: All Apple Powerbook have the option of setting up a
security control panel, making it so when you boot you must enter a
password before it mounts the drive. Good security for a laptop!
Views:
Good security for those LapTop Users. At lease this program can fool an
idiot!
Download Version:
Bundled with MacOS System Software
Rating:
Insecurity:
Security Breaches in the Password Security Control Panel: Owners of
Powerbook have the option of using the Control Panel "Password Security".
With Password Security turned on the owner of the PowerBook can
password-protect his/her computer. This involves a password dialog asking
for a password every time the Hard Drive is mounted. In day to day use
this means that every time the computer boots up or is "woken up" from
sleep, the dialog asking for the password appears. If an incorrect
password is entered three times the computer either shuts down or "puts
itself to sleep". The Password Security Control Panel stores it's
settings in a file called "aaaaaaaaAPWD" in the root folder of the Hard
Drive. This file is impossible to access under OS 8.5 due to the fact that
it has the attribute of a disk. It can neither be moved, opened nor
copied. It is, however, important to notice that this file contains a
bit-flag indicating whether Password Security is turned on or off. It
contains, furthermore, an encrypted version of the password. The first
security breach in the Password Security Control Panel is that it generates
an emergency password every time the password dialog is displayed. This
password is a number generated using the current date, number of ticks
since startup and the name of the Hard Drive. Due to these criteria it is
almost impossible to generate the emergency password using another
application. It is however possible to force the Control Panel to display
the emergency password. This would, however, require tedious programing.
There is unfortunately a much easier way to turn off the Control Panel.
Using an emergency startup disk (or CD) and Norton Disk Editor anyone can
turn off the Password Security Control Panel and even change the password.
If the PowerBook is booted up using an emergency startup disk the password
dialog will appear when the Hard Drive is being mounted. If the user
cancels this operation the PowerBook will still be usable, although the
Hard Drive will not mount, leaving all information on the Hard Drive
unavailable. However, Norton Disk Editor has the ability to display and
change data even on unmounted disks. Since the settings file, aaaaaaaaAPWD,
can be accessed this way, anyone can toggle the "on/off" mode of the Control
Panel. This can be achieved by changing the value of the byte at offset
three in the data fork from 01 to 00. Since the encrypted password is
stored at offset 4 in the data fork of the file even that can be changed.
Unfortunately there is no way to protect oneself from these security
breaches currently. As always, the best way to protect information on a
computer is by using "secure" encryption applications. --==< Disclaimer
>==-- These security holes are very real and may be exploited for
"damaging" purposes. The objective of this text file was NOT to encourage
such behavior but simply to point out the existing security breaches of the
Control Panel "Password Security". Therefore will neither mSec nor any of
its past, current or future members take any responsibility for any kind
of damage that may occur due to any direct or indirect use of the
information provided. --==< End Notes >==-- These security breaches were
found by mSec. If you want to find out more about mSec please visit our
homepage at: www.msec.net. You can also reach us and chat with the members
on our Hotline server at: msec.net. This text file was put together by
ProZaq. If you have any questions or comments, my e-mail address is:
prozaq@usa.net
Or Download as TXT
There are many more techniques than listed here. If you know of one, please email us. We are more than happy
to research and post it here!
|
