Another Panther Security hole?

Posted:
in macOS edited January 2014
(Sorry if this is old news, but I didn't find any previous posts on this)



Firewire Target-mode overrides the bloody login password...



I got my new PB"12 today and had no problems getting access to the files on the PB from my Cube, despite the fact that I had set the PB to prompt for a password at login. No problem the other way either (Mac OS 10.3.1 on both).



So, if a thief, your boss or anybody who like to see your files get physical access to your Mac you're toast. All they need is another mac and a firewire-cable (A Panther-CD should do fine too, but if I'm not mistaken, the Open Firmware Password app will take care it).



I've known for a long time that if somebody get physical access to your Mac the barriers to entry takes a serious hit, but this is laughable easy!



After this, the question of enabling Filevault or not on my new PB is purely academic.



Comments

  • Reply 1 of 9
    wheewhee Posts: 46member
    If someone has physical access to a system, expect them to also have full access to the contents on the hard drive. This is independent of operating system. Encrypt things you don't want to get out, or keep your computer locked down.
  • Reply 2 of 9
    Quote:

    Originally posted by whee

    If someone has physical access to a system, expect them to also have full access to the contents on the hard drive. This is independent of operating system. Encrypt things you don't want to get out, or keep your computer locked down.



    I guess you're right. It's probably just me overreacting. Taking my mac on the road, for the first time ever, makes for a lot of "if"s...
  • Reply 3 of 9
    kickahakickaha Posts: 8,760member
    It's *ALWAYS* been that way.



    FireWire Target Mode overrides any file level permissions on the hard drive. Most folks would consider this a feature when they really really need those files...



    And yes, this is precisely why FileVault was created. If you don't want to play with that yet, you can always set up a Disk Image using Disk Utility and make it encrypted. Store your critical files in there.
  • Reply 4 of 9
    Quote:

    Originally posted by Kickaha

    ...And yes, this is precisely why FileVault was created. If you don't want to play with that yet, you can always set up a Disk Image using Disk Utility and make it encrypted. Store your critical files in there.



    Thanks, great advice. And yes, I'm still kind of uneasy about using Filevault.
  • Reply 5 of 9
    you guys all know that you can set an open firmware password to restrict which drive can be used as the startup disk!?



    i think that this link should solve the security issue -



    http://docs.info.apple.com/article.html?artnum=120095



    you have to download an installer and run it, after which you cant boot up your mac from an external drive or cd, or enter boot up in verbose or safe mode etc.



    hope that this solves your problem



    lee



    edit - sorry i see now that you are talking about booting another mac from the powerbook (and your already aware of the open firmware password)... does seem like a big security flaw!!
  • Reply 6 of 9
    Quote:

    Originally posted by pb_lee

    you guys all know that you can set an open firmware password to restrict which drive can be used as the startup disk!?



    i think that this link should solve the security issue -



    http://docs.info.apple.com/article.html?artnum=120095



    you have to download an installer and run it, after which you cant boot up your mac from an external drive or cd, or enter boot up in verbose or safe mode etc.



    hope that this solves your problem



    lee



    edit - sorry i see now that you are talking about booting another mac from the powerbook (and your already aware of the open firmware password)... does seem like a big security flaw!!




    No, my bad. I didn't have open firmware password installed when I tried to transfer files and programs to my new PB. But I do now...
  • Reply 7 of 9
    bartobarto Posts: 2,246member
    Open Firmware Passwords are a Bad Idea&trade. Apple recommends against them for good reasons, it's not difficult to get stuck and have to send the Mac to an AppleCentre.



    Also, there is a way to override it (which I'm not going to post here due to the millions of school children who will try to override it on their school's Macs), and any technologically savvy thief would be able to.



    Barto
  • Reply 8 of 9
    barto



    why are the open firmware passwords a bad idea?

    i havnt heard much about this feature previously, but now u have me worried!

    is it only a bad idea if you forget your password? or are there other reasons that make these open firmware passwords a bad idea??

    ive given the open firmware the same password as my admin password so i doubt that ill forget it!



    thanks,

    Lee
  • Reply 9 of 9
    bartobarto Posts: 2,246member
    It's a bad idea because there isn't a big benefit, but a big cost.



    If you lose you password, most users have to take a trip to the Apple Store / Independent Reseller. If a third party requires access to the computer (eg an Apple Store upgrading your computer), you have to distribute the password. In other words, it can be a huge inconvenience.



    But what does it give you in return? Not much. Anyone technically skilled enough to boot into single user mode or from a FireWire hard drive a do some damage will be able to disable the password. Like Kickacha has said, if you want to protect your data, you need to use encryption.



    Barto
Sign In or Register to comment.