{"id":11252,"date":"2019-02-19T19:30:46","date_gmt":"2019-02-19T19:30:46","guid":{"rendered":"https:\/\/igotoffer.com\/blog\/?p=11252"},"modified":"2023-11-17T06:05:05","modified_gmt":"2023-11-17T06:05:05","slug":"macos-mojave-bug-keychain","status":"publish","type":"post","link":"https:\/\/igotoffer.com\/blog\/macos-mojave-bug-keychain","title":{"rendered":"macOS Mojave Bug: Breaking News &#8211; Keychain is Vulnerable"},"content":{"rendered":"<h2>KeySteal &#8211; Stealing your keychain passwords on macOS Mojave [Video]<\/h2>\r\n<div class=\"ytb\"><p style=\"text-align:center;\">\r\n<iframe title=\"KeySteal - Stealing your keychain passwords on macOS Mojave\" width=\"620\" height=\"465\" src=\"https:\/\/www.youtube.com\/embed\/nYTBZ9iPqsU?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" allowfullscreen><\/iframe>\r\n<\/p><\/div>\r\n<p style=\"text-align:center\">Video uploaded by <a class=\"yt-simple-endpoint style-scope yt-formatted-string\" href=\"https:\/\/www.youtube.com\/@linushenze6229\" target=\"_blank\" rel=\"noopener\">Linus Henze<\/a> on <strong class=\"watch-time-text\">February 3, 2019<\/strong><\/p>\r\n\r\n<h2>macOS Mojave Bug: Breaking News &#8211; Keychain is Vulnerable<\/h2>\r\n<p>An exploit is a software that literally \u201cexploits\u201d various vulnerabilities found in a computer\u2019s system. When Apple Mac security specialist Patrick Wardle tested an exploit by Linus Henze, an 18-year-old German bug researcher, Wardle said, \u201cUntil Apple wraps its head around security, I\u2019m shutting off my Mac and going surfing.\u201d What did Henze find that alarmed the experienced security expert? <\/p>\r\n<!-- \/wp:paragraph -->\r\n\r\n<!-- wp:paragraph -->\r\n<p>He found a great vulnerability in the most praised macOS Mojave security application, Apple Keychain. If you\u2019re a Mac user, you surely save all your passwords in Keychain. It works as any password manager: you must  enter your master password to gain access to the database. You can see in this video how easily Henze extracted the complete list of passwords.<\/p>\r\n<!-- \/wp:paragraph -->\r\n\r\n<!-- wp:paragraph -->\r\n<p>He didn\u2019t need root privileges to pull off the trick. Nor did System Integrity Protection prevent the hack! SIP was developed to protect registry changes like code injection, debugging, or tracing. SIP also prohibits unsigned kernel extensions and guards file integrity. It operates at a kernel level; once activated, it can disobey even root privileges. Ideally, all you have to do is flag the directory you want to protect and let SIP do its job. And yet\u2014and yet!\u2014the new bug is \u201cinvisible\u201d to SIP. This means that the vulnerability is hidden in the kernel of the macOS Mojave. That it\u2019s inseparable from its code. And that there\u2019s no remedy against it. <\/p>\r\n<!-- \/wp:paragraph -->\r\n\r\n<!-- wp:image {\"id\":11299,\"align\":\"center\"} -->\r\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img loading=\"lazy\" width=\"650\" height=\"500\" src=\"https:\/\/igotoffer.com\/blog\/wp-content\/uploads\/2019\/02\/macos-mojave-bug-mac-keychains.png\" alt=\"The exploit allows access to Mac Keychain items but not information stored in iCloud. Keychain is also required to be unlocked, something that happens by default when a user logs in to their account on a Mac. \" class=\"wp-image-11299\" srcset=\"https:\/\/igotoffer.com\/blog\/wp-content\/uploads\/2019\/02\/macos-mojave-bug-mac-keychains.png 650w, https:\/\/igotoffer.com\/blog\/wp-content\/uploads\/2019\/02\/macos-mojave-bug-mac-keychains-300x231.png 300w, https:\/\/igotoffer.com\/blog\/wp-content\/uploads\/2019\/02\/macos-mojave-bug-mac-keychains-620x477.png 620w, https:\/\/igotoffer.com\/blog\/wp-content\/uploads\/2019\/02\/macos-mojave-bug-mac-keychains-195x150.png 195w, https:\/\/igotoffer.com\/blog\/wp-content\/uploads\/2019\/02\/macos-mojave-bug-mac-keychains-600x462.png 600w, https:\/\/igotoffer.com\/blog\/wp-content\/uploads\/2019\/02\/macos-mojave-bug-mac-keychains-195x150@2x.png 390w\" sizes=\"(max-width: 650px) 100vw, 650px\" \/><figcaption>The exploit allows access to Mac Keychain items but not information stored in iCloud. Keychain is also required to be unlocked, something that happens by default when a user logs in to their account on a Mac.<\/figcaption><\/figure><\/div>\r\n<!-- \/wp:image -->\r\n\r\n<!-- wp:paragraph -->\r\n<p>Now I think you can better understand Wardle\u2019s words. He was joking, of course, but not quite. I\u2019ll tell you something that will make your hair stand on end: The Apple bug bounty program DOES NOT include macOS. In other words, researchers share their findings by their own volition. Henze doesn\u2019t want to help Apple out of charity. He said to Forbes that finding vulnerabilities like that one took time, and he had every right to a reward. As none was offered, Henze chose to upload a short demo to inform the world. This YouTube video was viewed 11,000 times, but Apple is silent. <\/p>\r\n<!-- \/wp:paragraph -->\r\n\r\n<!-- wp:paragraph -->\r\n<p>This is the other part of the problem: Apple is cosplaying an Egyptian sphinx. No one stepped forward and verbalized  the company\u2019s concerns over the issue. We have to cope with it on our own. What can we do to save our passwords? And do we have to do anything at all? Henze didn\u2019t share his exploit; he\u2019s a white hat hacker. However, there\u2019s a chance that someone somewhere can reconstruct his algorithm. So, let\u2019s follow the \u2018better safe than sorry\u2019 saying until Apple rolls out a patch. <\/p>\r\n<!-- \/wp:paragraph -->\r\n\r\n<!-- wp:paragraph -->\r\n<p>Some websites advise adding additional master passwords to Keychain. I personally don\u2019t see any use in it. A kernel bug doesn\u2019t care how many passwords you add. The best way is to retrieve the passwords from Keychain and save them elsewhere. Here\u2019s the list of options: <\/p>\r\n<!-- \/wp:paragraph -->\r\n\r\n<!-- wp:paragraph -->\r\n<p>Copy your passwords to a text file and save the file on an unconnected device or other PC under an inconspicuous name.<br> Transfer the passwords to a reliable third-party password manager. <br> Take your time and create  master password with at least 15 symbols.<\/p>\r\n<!-- \/wp:paragraph -->\r\n\r\n<h2>Links<\/h2>\r\n<ul><li><a href=\"https:\/\/9to5mac.com\/2019\/02\/06\/mac-keychain-exploit\/\" target=\"_blank\" rel=\"noreferrer noopener\">Security researcher demos macOS exploit to access Keychain passwords, but won\u2019t share details with Apple out of protest<\/a> &#8211; 9to5Mac<\/li><li>How to avoid further problems with MacOS Mojave Bug: <a href=\"https:\/\/igotoffer.com\/sell\/macbook\" target=\"_blank\" rel=\"noreferrer noopener\">Trade in your old Macbook<\/a> for top dollar! &#8211; iGotOffer<\/li><\/ul>\r\n","protected":false},"excerpt":{"rendered":"<p>KeySteal &#8211; Stealing your keychain passwords on macOS Mojave [Video] Video uploaded by Linus Henze on February 3, 2019 macOS Mojave Bug: Breaking News &#8211; Keychain is Vulnerable An exploit is a software that literally \u201cexploits\u201d various vulnerabilities found in a computer\u2019s system. When Apple Mac security specialist Patrick Wardle tested an exploit by Linus [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":11297,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[442],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v19.0 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>macOS Mojave Bug: Breaking News - Keychain is Vulnerable | iGotOffer<\/title>\n<meta name=\"description\" content=\"Breaking news: keychain is vulnerable to a macOS Mojave bug. The software that literally \u201cexploits\u201d various vulnerabilities found in a computer\u2019s system.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/igotoffer.com\/blog\/macos-mojave-bug-keychain\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"macOS Mojave Bug: Breaking News - Keychain is Vulnerable | iGotOffer\" \/>\n<meta property=\"og:description\" content=\"Breaking news: keychain is vulnerable to a macOS Mojave bug. The software that literally \u201cexploits\u201d various vulnerabilities found in a computer\u2019s system.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/igotoffer.com\/blog\/macos-mojave-bug-keychain\" \/>\n<meta property=\"og:site_name\" content=\"iGotOffer Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/iGotOffer\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/svetlana.ustinova2\" \/>\n<meta property=\"article:published_time\" content=\"2019-02-19T19:30:46+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-11-17T06:05:05+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/igotoffer.com\/blog\/wp-content\/uploads\/2019\/02\/macos-mojave-bug.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"650\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@iGotOffer\" \/>\n<meta name=\"twitter:site\" content=\"@iGotOffer\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Steve\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/igotoffer.com\/blog\/#website\",\"url\":\"https:\/\/igotoffer.com\/blog\/\",\"name\":\"iGotOffer Blog\",\"description\":\"News and reviews about electronics &amp; apps\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/igotoffer.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/igotoffer.com\/blog\/macos-mojave-bug-keychain#primaryimage\",\"url\":\"https:\/\/igotoffer.com\/blog\/wp-content\/uploads\/2019\/02\/macos-mojave-bug.jpg\",\"contentUrl\":\"https:\/\/igotoffer.com\/blog\/wp-content\/uploads\/2019\/02\/macos-mojave-bug.jpg\",\"width\":650,\"height\":400,\"caption\":\"macOS Mojave Bug: Breaking News - Keychain is Vulnerable\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/igotoffer.com\/blog\/macos-mojave-bug-keychain#webpage\",\"url\":\"https:\/\/igotoffer.com\/blog\/macos-mojave-bug-keychain\",\"name\":\"macOS Mojave Bug: Breaking News - Keychain is Vulnerable | iGotOffer\",\"isPartOf\":{\"@id\":\"https:\/\/igotoffer.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/igotoffer.com\/blog\/macos-mojave-bug-keychain#primaryimage\"},\"datePublished\":\"2019-02-19T19:30:46+00:00\",\"dateModified\":\"2023-11-17T06:05:05+00:00\",\"author\":{\"@id\":\"https:\/\/igotoffer.com\/blog\/#\/schema\/person\/2e5559af8f4c85b3c121b665ccef1e16\"},\"description\":\"Breaking news: keychain is vulnerable to a macOS Mojave bug. The software that literally \u201cexploits\u201d various vulnerabilities found in a computer\u2019s system.\",\"breadcrumb\":{\"@id\":\"https:\/\/igotoffer.com\/blog\/macos-mojave-bug-keychain#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/igotoffer.com\/blog\/macos-mojave-bug-keychain\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/igotoffer.com\/blog\/macos-mojave-bug-keychain#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/igotoffer.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"macOS Mojave Bug: Breaking News &#8211; Keychain is Vulnerable\"}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/igotoffer.com\/blog\/#\/schema\/person\/2e5559af8f4c85b3c121b665ccef1e16\",\"name\":\"Steve\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/igotoffer.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/ef902dfdf5f1c30f261fa557b8d6d80a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/ef902dfdf5f1c30f261fa557b8d6d80a?s=96&d=mm&r=g\",\"caption\":\"Steve\"},\"sameAs\":[\"https:\/\/igotoffer.com\/\",\"https:\/\/www.facebook.com\/svetlana.ustinova2\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"macOS Mojave Bug: Breaking News - Keychain is Vulnerable | iGotOffer","description":"Breaking news: keychain is vulnerable to a macOS Mojave bug. The software that literally \u201cexploits\u201d various vulnerabilities found in a computer\u2019s system.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/igotoffer.com\/blog\/macos-mojave-bug-keychain","og_locale":"en_US","og_type":"article","og_title":"macOS Mojave Bug: Breaking News - Keychain is Vulnerable | iGotOffer","og_description":"Breaking news: keychain is vulnerable to a macOS Mojave bug. The software that literally \u201cexploits\u201d various vulnerabilities found in a computer\u2019s system.","og_url":"https:\/\/igotoffer.com\/blog\/macos-mojave-bug-keychain","og_site_name":"iGotOffer Blog","article_publisher":"https:\/\/www.facebook.com\/iGotOffer","article_author":"https:\/\/www.facebook.com\/svetlana.ustinova2","article_published_time":"2019-02-19T19:30:46+00:00","article_modified_time":"2023-11-17T06:05:05+00:00","og_image":[{"width":650,"height":400,"url":"https:\/\/igotoffer.com\/blog\/wp-content\/uploads\/2019\/02\/macos-mojave-bug.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_creator":"@iGotOffer","twitter_site":"@iGotOffer","twitter_misc":{"Written by":"Steve","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebSite","@id":"https:\/\/igotoffer.com\/blog\/#website","url":"https:\/\/igotoffer.com\/blog\/","name":"iGotOffer Blog","description":"News and reviews about electronics &amp; apps","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/igotoffer.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/igotoffer.com\/blog\/macos-mojave-bug-keychain#primaryimage","url":"https:\/\/igotoffer.com\/blog\/wp-content\/uploads\/2019\/02\/macos-mojave-bug.jpg","contentUrl":"https:\/\/igotoffer.com\/blog\/wp-content\/uploads\/2019\/02\/macos-mojave-bug.jpg","width":650,"height":400,"caption":"macOS Mojave Bug: Breaking News - Keychain is Vulnerable"},{"@type":"WebPage","@id":"https:\/\/igotoffer.com\/blog\/macos-mojave-bug-keychain#webpage","url":"https:\/\/igotoffer.com\/blog\/macos-mojave-bug-keychain","name":"macOS Mojave Bug: Breaking News - Keychain is Vulnerable | iGotOffer","isPartOf":{"@id":"https:\/\/igotoffer.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/igotoffer.com\/blog\/macos-mojave-bug-keychain#primaryimage"},"datePublished":"2019-02-19T19:30:46+00:00","dateModified":"2023-11-17T06:05:05+00:00","author":{"@id":"https:\/\/igotoffer.com\/blog\/#\/schema\/person\/2e5559af8f4c85b3c121b665ccef1e16"},"description":"Breaking news: keychain is vulnerable to a macOS Mojave bug. The software that literally \u201cexploits\u201d various vulnerabilities found in a computer\u2019s system.","breadcrumb":{"@id":"https:\/\/igotoffer.com\/blog\/macos-mojave-bug-keychain#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/igotoffer.com\/blog\/macos-mojave-bug-keychain"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/igotoffer.com\/blog\/macos-mojave-bug-keychain#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/igotoffer.com\/blog\/"},{"@type":"ListItem","position":2,"name":"macOS Mojave Bug: Breaking News &#8211; Keychain is Vulnerable"}]},{"@type":"Person","@id":"https:\/\/igotoffer.com\/blog\/#\/schema\/person\/2e5559af8f4c85b3c121b665ccef1e16","name":"Steve","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/igotoffer.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/ef902dfdf5f1c30f261fa557b8d6d80a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/ef902dfdf5f1c30f261fa557b8d6d80a?s=96&d=mm&r=g","caption":"Steve"},"sameAs":["https:\/\/igotoffer.com\/","https:\/\/www.facebook.com\/svetlana.ustinova2"]}]}},"_links":{"self":[{"href":"https:\/\/igotoffer.com\/blog\/wp-json\/wp\/v2\/posts\/11252"}],"collection":[{"href":"https:\/\/igotoffer.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/igotoffer.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/igotoffer.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/igotoffer.com\/blog\/wp-json\/wp\/v2\/comments?post=11252"}],"version-history":[{"count":2,"href":"https:\/\/igotoffer.com\/blog\/wp-json\/wp\/v2\/posts\/11252\/revisions"}],"predecessor-version":[{"id":14974,"href":"https:\/\/igotoffer.com\/blog\/wp-json\/wp\/v2\/posts\/11252\/revisions\/14974"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/igotoffer.com\/blog\/wp-json\/wp\/v2\/media\/11297"}],"wp:attachment":[{"href":"https:\/\/igotoffer.com\/blog\/wp-json\/wp\/v2\/media?parent=11252"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/igotoffer.com\/blog\/wp-json\/wp\/v2\/categories?post=11252"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/igotoffer.com\/blog\/wp-json\/wp\/v2\/tags?post=11252"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}