Feeds

Panther bitten by second data damaging bug

FileVault to blame this time

  • alert
  • submit to reddit

Mac OS X 10.3's FileVault system, which protects each user's home folder with on-the-fly 128-but AES data encryption, has been found to contain a data-damaging glitch, Apple has admitted.

The bug manifests itself as a request to regain lost disk space in the encrypted directory. If the user responds in the affirmative, FileVault's reclamation process damages the user's keychain data. Keychain is the Mac OS' secure password storage system, allowing passwords to be accessed through a single master code.

Damaging the data held in the keychain prevents the Safari web browser from automatically signing on to certain web sites, stops Mail logging on to email servers and so on. Many other applications that store passwords in the keychain are likely to be affected too.

Apple last night said it was aware of the problem but was not yet recommending that users disable FileVault. Simply refusing to allow the software to reclaim lost disk space keeps the bug at bay.

The FileVault problem follows an earlier clash between Panther and version 1.0.3 of Oxford Semiconductor's 800MBps FireWire interface chip. That bug lead to data being damaged on external hard drives connected to the host Mac after Panther had been installed on the host system. Oxford sent out updated firmware in September, but drive vendors have only now started to offer it to their customers. ®

Related Story

Apple blames Oxford for Firewire data loss bug

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.