Re: More on caching and logging
- From: Gregory Weston <uce@xxxxxxxxxx>
- Date: Mon, 30 Apr 2007 07:18:43 -0400
In article <290420071750025394%geefive@xxxxxxxxxxx>,
geefive <geefive@xxxxxxxxxxx> wrote:
In article <uce-299C07.19483729042007@xxxxxxxxxxxxxxxxxxxxxxxx>,
Gregory Weston <uce@xxxxxxxxxx> wrote:
The point is that this product doesn't have any real decryption
capabilities, nor does it self-elevate its permissions. It's just an app
that runs as the current user and extracts information that's already
readable to absolutely every other app you run under your account should
it choose to do so.
Read that again: It doesn't break any security that's in place. It
simply harvests information which is already insecure.
It says:
"Once the software is run it will extract
data from the Apple Keychain and system settings in order to provide
the examiner fast access to the suspect's critical information with as
little interaction or trace as possible."
Aren't keys encrypted?
The default behavior of the user's primary keychain is to unlock when
you log in to your account. This can be changed via the Keychain Access
application, but most people don't. The product we're talking about
relies on that reality to get at (some of) the information it gathers.
.
- References:
- More on caching and logging
- From: geefive
- Re: More on caching and logging
- From: Gregory Weston
- Re: More on caching and logging
- From: William Mitchell
- Re: More on caching and logging
- From: Gregory Weston
- Re: More on caching and logging
- From: geefive
- Re: More on caching and logging
- From: Gregory Weston
- Re: More on caching and logging
- From: geefive
- More on caching and logging
- Prev by Date: Re: More on caching and logging
- Next by Date: Re: Enter vs Return Key
- Previous by thread: Re: More on caching and logging
- Next by thread: Re: More on caching and logging
- Index(es):
Relevant Pages
|
