SecureMac, Inc.

Computer security news. Just for Macs.

Get the latest computer security news for Macs and be the first to be informed about critical updates. Industry news, security events and all you need right at your fingertips. Malware threats change daily, so keep up to date on the latest developments to help ensure your privacy and protection. You can never be too safe.

Macintosh Security Site – FileGuard Advisory 02.18.2k

Posted on June 2, 2001

Operating System Affected: MacOS 8.6 and below
Software: ALL versions of FileGuard
Threat: medium

The computer protection software “FileGuard” is renowned for its excellent ability of keeping people off your box. While playing around with the latest version, I started playing with the logs. I got to fooling around with file names and realized that you can change the name of a file without it being logged.

Take this scenario. Someone gets onto your computer and they are restricted from all of your Internet applications. They bring a copy of “ferret” (http://jindel.cjb.net), a notorious hacker tool used to gather passwords. Not taking the (highly unlikely) chance that you aren’t logging anything, they rename ferret “AppleWorks”. They run ferret and get all your passwords. Print them out. Rename ferret like “AppleWorks Art” and trash it. Now they have all your passwords and stuff – to about 15 odd apps.

You’re probably saying – “what can I do?” Well, nothing. Heh. Sorry. The best solution is to keep everyone off your computer.

Join our mailing list for the latest security news and deals