New security flaw in Mac OS X Lion!


Many people must throw ourselves on the day of its unlock, left no person detached, some criticizing the opposite again to excellent outdated Snow X Lion.&#one hundred sixty;As basic,&#one hundred sixty;Apple has introduced us as the perfect system at all points, implying an inviolable terms of security. Yes but it may well be the king of the jungle on the planet, there is a species over it … Man! And so we come to discover a loophole that would allow a hacker to acquire the rights to your precious  changing your user password .


Before going further I will assure you a bit. Because in order to exploit this new vulnerability, it is necessary that the attacker has physical access (or via SSH command) on your Mac, reducing the number of hacks already available. But what is this famous fault? Well you are just logged to your session, the hacker goes through there, open a Terminal and type this command: "dscl localhost -passwd/Search/Users/USERNAME" (USERNAME is the name of session course) . And presto, change the password without the system gives us the famous pop-up asking us the administrator password. Pretty easy huh?

So good, no system is inviolable, it is impossible. This is not the first and surely not the last fault will be found in this beloved Mac OS . Moreover, those who like me have an iMac that sleeps in the apartment and is only used by you in the evening after work, you can sleep soundly. However, for those who have machines at work or laptops apple is more disturbing and if you want to "fill" the fault of yourself while waiting for a fix from Apple is what you have to do:

  • Disable automatic authentication during system startup (System Preferences / Users / Options).
  • Disable the guest account (still in the Users menu).
  • Enable the password for the wake and the screensaver (System Preferences / Security / General Tab).
  • Lock System Preferences.

Once you check all that go, there is a step to fill this gap, use the parental control to disable user rights applications at risk:

  • Go to System Preferences / Parental Controls.
  • Select your user account.
  • In the list of applications, see "Terminal" and "X11".
  • Uncheck the box for these two applications.

And now, you are the pros of Mac OS security now, you've managed to fill the hole yourself as large (with a little help but it's true that it is Internet, at the base ) will soon apply to Apple .Once all of that fact, when the evil hacker will type the command at the beginning of the article, it will be a good "Access Denied! "In the teeth and will serve him because he will leave sad.

What kind of Geeks find security holes and the info back to Apple I think it's great, but is it in disseminating information on the net it will not cause more problems than if n 'had said nothing to the public? This time many people will try when they go to a Mac, and everyone has not applied the changes mentioned above … Hopefully Apple will react quickly and deploy a fix in the coming days. In your opinion, you should inform people about this kind of fault or just the info back to the business?

 For more coverage on iHelplounge, Follow us on twitter , Become a Fan on Facebook to Stay updated about the the new iPhoneNewsiPhone Applications&#a hundred and sixty;,&#a hundred and sixty;iOS,&#one hundred sixty;OS X, Assist

Follow us on Twitter, subscribe to our Facebook Page, find us on LinkedIn