[ad_1]
Hacker and software security expert Linuz Henze, who is used to reporting bugs on iOS, has decided not to give details to Apple about a security flaw under macOS
. of failure, where an exploit takes advantage of the flaw in the system to access the pbadwords stored in the keychain. According to Linuz, he is frustrated by the fact that the film's program, which is about to be released in the movie, Apple's Rewards do not cover the bugs related to macOS, but only to iOS. Therefore, he does not share the details of the failure with the company. He even asks other hackers to publicly reveal any shortcomings encountered in order to pressure the company for the inclusion of macOS in the rewards program for bugs. or the access control lists are configured to launch the attack. Even the activation of System Integrity Protection does not prevent the action of the exploit, which can apparently access all the elements of the local keychain, but does not damage the keychain iCloud .
A solution against the exploit would block a login keychain with an extra pbadword, however, would require the system to request many security authentications when using the device.
Apple has not commented on this failure yet.
