Security researcher demos macOS exploit to access Keychain passwords, but won’t share details with Apple out of protest

youtube.com/watch?v=nYTBZ9iPqsU

9to5mac.com/2019/02/06/mac-keychain-exploit/

>Security researcher demos macOS exploit to access Keychain passwords, but won’t share details with Apple out of protest

>Security researcher Linuz Henze has shared a video demonstration of what is claimed to be a macOS Mojave exploit to access passwords stored in the Keychain. However, he has said he is not sharing his findings with Apple out of protest.
>However, Henze is frustrated that Apple’s bug bounty program only applies to iOS, not macOS, and has decided not to release more information about his latest Keychain invasion.
>The KeySteal demo app does not require administrator privileges to execute the attack. It also does not matter if Access Control Lists are set up. The exploit is also claimed to succeed on machines with System Integrity Protection enabled.

Attached: 1525920258617.jpg (1200x675, 63K)

ITODDLERS BTFO

Attached: tenor.gif (498x278, 1.69M)

Based

Attached: 1547051624967.jpg (788x960, 135K)

kys

>>Security researcher demos macOS exploit to access Keychain passwords, but won’t share details with Apple out of protest
Holy shit this guy is awesome. How will itoddlers ever recover?

seething

unspeakably based

cringe faggot

Attached: Satan(you).jpg (1361x810, 427K)

basic and redflagged

based

unbased and redditpilled

SIP is a fucking joke, there's like 3 CVEs that will walk all over it and one can possibly be executed remotely. Apple needs to trash mac os and start over.

Apple talks the talk but does not walk the walk when it comes to security and user's safety. They should put money where their mouth is. Lets not forget they are one of the most profitable companies in the world.

APPLE CAN'T EVEN FOLLOW BASIC ENCRYPTION PROTOCOLS, HOW IS THIS POSSIBLE

Forced meme

based

They're the patron saint of NIH disease.

They should just drop FagOS in favor of Linux. That would fix all their buggy low-quality software. I was forced to use a macbook for work and constantly found bugs in the window manager, finder, HFS and bluetooth

based

That would also force Microsoft and Adobe to release their primary suites for Linux or abandon the Apple market. I like it.

basolutely based

Attached: 1518065515851.gif (244x248, 113K)

doesn't give access to iCloud Keychain data and that's where the important stuff is stored. local keychain only stores things like passwords for samba shares, and local app saved password info (like RDP session passwords).

based

baste

>"hacking" that needs physical access to the hardware

Actually defending the exploit because its not "the important stuff"

people should use video editing software to create fake hacks to have the apple security team waste millions of dollars scrambling to find exploits that dont even exist

everybody wins;
- it will create jobs
- apple migth incidentally find and fix other bugs
- the black market wins because apple is likely to ignore real bugs once phonies are detected + they'll be occupied with their other incidental discoveries.