Passware: Filevault can be brute force cracked during the span of a lunchbreak

FileVault has been included in Macs by Apple since the release of Panther many years ago. In Apple’s most recent release, OS X Lion, the company included FileVault that brought new ways of encryption. FileVault lets you encrypt your entire drive with a master password to protect key-chain passwords, files, and more. FileVault 2 uses a separate partition to store the FileVault login information.

Cnet pointed us to a new report from password recovery company PassWare, who claimed it can decrypt Apple’s FileVault 2 in under 40 minutes. Obviously, this is a big concern because FileVault contains so much of users’ information.

PassWare decrypts FileVault by going in through the system’s firewire connection and using live-memory analysis to extract the encryption key from the FileVault partition (so the machine must assumedly be running?). From there, a user can uncover keychain files and login passwords that can be used to unlock the whole HDD/SSD.

PassWare conveniently makes PassWare 11.3 available to do this, but you will have to throw down a lofty $995 to get the software. PassWare makes this software primarily available for law enforcement.

Read more

Gamers beware: Steam’s database hacked, including encrypted credit card information and passwords

Popular game platform Steam, owned by Valve, has been hacked (via PC Gamer). Hackers were able to get into a Steam database, which included encrypted credit card information and passwords of many of its users. Steam isn’t sure at this point if the encryption of the credit card numbers or passwords have been obtained, but warns users to be on the look out for malicious activity. Steam’s Gabe Newell said in a statement to users:

Our Steam forums were defaced on the evening of Sunday, November 6. We began investigating and found that the intrusion goes beyond the Steam forums.

We learned that intruders obtained access to a Steam database in addition to the forums. This database contained information including user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information. We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked.”

Steam is currently keeping their forums closed down while they investigate the situation. The Steam platform hasn’t been knocked down, however. Gabe’s full statement after the break:

Read more