Vivian
They just have to boot into Recovery Mode and then use Terminal to reset your password.
Casual reminder to Mac users that, if you don’t set a firmware password, someone could use Recovery Mode to break in https://support.apple.com/en-us/HT204455
-
-
-
It’s not exactly difficult, and just enabling FileVault doesn’t prevent someone from doing this: http://www.hongkiat.com/blog/reset-osx-user-account-password/ …
- View other replies
-
FileVault protects your primary partition, but it does not protect the recovery partition.
-
Firmware passwords prevent booting from another partition/external drive without entering your password.
-
@VanguardVivian With that said, however, a sophisticated attacker can always overwrite your firmware with a firewire exploit. - View other replies
-
@ireneista@vanguardvivian yep, and thunderbolt has gotten the same kind of exploit too -
@Wxcafe@VanguardVivian Yes, they both give direct access to the real address space. It's kinda awful. -
@ireneista@vanguardvivian "but it's fast!" — Someone at Apple that doesn't care about security, probably - Show more
-
-
@VanguardVivian@locks you're better off just turning on FileVault if you care about the physical security of your Mac IMO -
@VanguardVivian@apontious How much does that matter in practice if the boot drive is encrypted with FileVault? -
-
@vanguardvivian casual reminder that that's true for PC users too -
@vanguardvivian (also casual reminder that if someone's got their hands on your device directly they can pretty much break in anyway)
-
-
@VanguardVivian thanks for this, I remember now from years ago but I guess figured they'd plugged that oversight by now :-/ -
@vanguardvivian I wonder how Apple can bypass FW passwords, they say "make a service appointment" if you forget it https://support.apple.com/en-us/HT203409 -
@VanguardVivian also enabling FileVault 2. Renders the HD's contents an incomprehensible binary blob without the correct passphrase. -
@VanguardVivian the ugly part: looks like Apple has a master key: https://support.apple.com/en-us/HT203409
Several Irenes
technopagan
Justin Searls
Daniel Jalkut
melody
A.K. Blubsinsten
(╯°□°)╯︵ ┻━┻
Haunted Luca
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
RT