lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: petard at sdf.lonestar.org (petard) Subject: MacOSX - crash screensaver locked with password and get the desktop back -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > how? - you ask. > i don't know the exact amount of characters, only that if you leave a > key pressed for 5 minutes or more and then hit the enter key, you crash > the screensaver and gain access to the desktop. > you can mess the desktop and all around it (network, mail, docs, > anything you can imagine). it's much easier than that to reproduce; with the right combination of cut and paste (think emacs key bindings) you can overfill the field and get through in just a few seconds :-). on one of the machines here (version 10.2.6 for those who care) it took 10 - 15 seconds in most cases. hopefully no one considered the screensaver to be much protection... regards, petard - -- "Increasingly, people seem to misinterpret complexity as sophistication, which is baffling - the incomprehensible should cause suspicion rather than admiration." -- Niklaus Wirth -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (NetBSD) iD8DBQE/BfS8gkiZ59A0kiQRAnDWAKCBZ488UiCiuBHCPw3rppKfyWe0JACfTjM/ ZfkH/3Pe+Eb8XCiydw5j+Qk= =sJay -----END PGP SIGNATURE-----
Powered by blists - more mailing lists