Apple’s keychain is used to store passwords and secure information in an encrypted format making it a little easier for “us the users” to access all the many sites and systems we use daily. Well an ex-NSA analyst has found a chink in that armor provided by the keychain. With an app he dubbed “keychainStealer” he was able to retrieve all the contents of the keychain without the need for that master password. This disclosed Facebook, Twitter, and Bank of America passwords on the machine “attacked”.
Hilarously he made a point of asking for his bug bounty to donate to charity in the opening of the keychainStealer app. See even programmers have a sense of humor!
So far Apple has had no answer to this zero day vulerability but we expect a patch to come pretty fast as High Sierra is the latest and greatest from the tech giant.
#security #hacking #bug