80°F
weather icon Clear
Las Vegas, NV
Life

Stored passwords in Apple software might not be secure

(Thinkstock)
More Stories
Overuse of digital gadgets harms teenagers, research suggests. But ubiquitous technology may be ...
How older people are reaping brain benefits from new tech
Backward walking could add variety and value to an exercise routine, providing not only a new p ...
Should you add ‘retro walking’ to your workout routine?
Preventive breast care is critical year-round, not just in October. (Getty Images)
Top 10 questions about breast cancer answered
Community members hold each other as music plays during an October 7 attacks remembrance event ...
‘A special meaning’: Oct. 7 attacks, victims remembered in Las Vegas — PHOTOS
By JOSE PAGLIERY CNN
June 18, 2015 - 2:40 pm
 

Apple claims that its “Keychain” software lets people securely store their passwords on their Macs. As it turns out, hackers can pull the keys off the chain.

A crucial flaw found in Macs allows a malicious app to snatch the passwords from your Keychain — or even directly from other apps. That exposes the passwords to your iCloud account, notes, photos, email, banking, social media — everything.

Researchers found that malicious software could slip into the Apple Keychain, delete old passwords, and wait for you to retype them in. When you do, it grabs them.

Apple did not respond with a comment on Tuesday.

The research team said it went public with its findings on Tuesday, because Apple took too long to fix it. They initially notified the company in October. Apple tweaked its operating system in January, they said, but the supposed fix didn’t actually solve the problem.

Fast-forward to June, and there’s still no solution.

A person with knowledge of Apple’s security policies said the company was partly caught by surprise with the sudden publication of this report, since Apple had been communicating with the researchers.

The researchers might pay for their adventure. Apple typically revokes developer credentials for anyone who slips malware into the App Store — even for security research. Renowned security researcher Charlie Miller got a one-year suspension from the App Store in 2011 for that very reason.

MOST READ
Don't miss the big stories. Like us on Facebook.
THE LATEST
Overuse of digital gadgets harms teenagers, research suggests. But ubiquitous technology may be ...
How older people are reaping brain benefits from new tech
By Paula Span • KFF Health News

It’s almost like hearing a nutritionist say bacon is good for you: Digital technology use is being linked to reduced risk of cognitive impairment.

Preventive breast care is critical year-round, not just in October. (Getty Images)
Top 10 questions about breast cancer answered
By Graham King Mayo Clinic News Network

Breast cancer receives much attention in October, buts it’s crucial to keep screenings and exams at the forefront of preventive care year-round.

Jeremy Allen White poses for photographers upon arrival at the premiere of the film "Sprin ...
Jeremy Allen White takes ‘leap of faith’ as the Boss
By C.L. Gaber Special / RJ

Count Bruce Springsteen among those singing the praises of the actor portraying the younger version of the Boss in “Springsteen: Deliver Me From Nowhere.”

FILE - A Medicare Advantage PPO card rests on top of a Medicare card in Portland, Ore., June 10 ...
How do you disenroll from a Medicare Advantage plan?
By Toni King Toni Says

The biggest no-no in the Medicare world is selling a new supplemental policy without advising the client how to disenroll from their Medicare Advantage plan.

President Dallin H. Oaks, president of the Quorum of the Twelve Apostles, opens the 195th semia ...
LDS church names ex-Utah Supreme Court justice new leader
By Hannah Schoenbaum Associated Press

Las Vegas elders praised the selection of Dallin H. Oaks, a former Utah Supreme Court justice, to lead The Church of Jesus Christ of Latter-day Saints.

MORE STORIES