Security Breach in OS 10.3!?!?!

Kenshi said:
I swear on my mother's life, that there are 2 working passwords for the admin account. I just verified it, by restarting twice, and trying each one.
Click to expand...

If this is really the case, you need to get documentation of this to Apple; it should simply not be possible.

Can you take the tech guy out for a beer or three, and ask him what he did?

And ooh, I know what you can do: Create a second account and copy all your data to that account. But don't delete the first account; keep the G4 user, and leave the existing data in the G4 user's home directory. Then set the user G4 to log in automatically.

Let your boss accidentally overhear that you've given up on keeping others out of your computer, and just went back to auto-login.

Then whenever your boss wants to get into your computer, he'll boot it up, get right into G4's account, and think he's messing with your stuff. Periodically, copy some of your newer stuff over into the other user's account, so that to your boss it continues to appear to be real stuff.

To keep the apps safe, install the apps separately into G4's Apps folder, and into your own. Then your boss can mess with "his" apps all day long, and not be messing with yours, even though he thinks he is.

And turn off fast user switching, of course. With any luck, your boss'll never realize that there's another user on there, and would have no reason to go poking around.

The downside would be, every morning after booting up, you'd have to log out of the G4 user account and log back in as your real user.

But seriously -- yeah, call Apple Tech Support. If this "one user/two passwords" situation is real, it's a serious security issue that Apple needs to know about.
 
I have a couple other suggestions, though I'm no security genius. You could do an archive and install, maybe that will clear up whatever the tech guy did. Also, there's a program called Open Firmware password that you can use so your computer can't boot up from the install cd without the password.
 
Well, is your 10.3 fully updated? Not just the Combo update but all of Security Updates... Also, did you repair permissions? Can you post a picture from your NetInfo Manager clearly showing all the settings for your default admin user(s) and the root user? What about a picture from the Accounts pane inside the System Preferences? It could be that you set a Master Password inside the FileVault tab in Accounts... It could be many things, you know? Just post pictures! Please...

The "problem" you are having is either something VERY^? unique or you are simply having a ball with people around here :rolleyes:
 
This is exceedingly interesting!

So, you have one user, who can log in with two passwords - "dave" and something else. I see two possibilities, at first glance.

One - a hashing collision. The OS doesn't store the password, but a one-way function computed from the password. To log you in, it computes the same one-way function of what you typed in, compares it to what it has stored, and lets you in if they match. There is a very very low chance that your password actually happens to hash to the same value as the word 'dave'. If this is the case, then changing the G4 user's password would eliminated the problem - perhaps try that, and see if 'dave' still works. Extremely unlikely though...

Two - a serious bug in the OS that your tech guy has discovered, either inadvertently and without even realizing what he's done, or through careful research in esoteric publications or exceedingly skillful hacking. It could be that the OS actually tries to authenticate a user in a series of ways, and those ways can actually lead to one user having different stored passwords in different places.

If we assume your tech guy wasn't trying to cover his tracks, you could find out what users have logged on lately with the command 'last'. That might yield some hints.

As Michael pointedout - beer can be a very potent hacking tool indeed. Applying it would likely be the most effective way to solve this mystery.
 
Ok, here was his reply (though he didn't mention how he got passed it.)

You need to go to your system preferences and select accounts. You'll see the name of the account at the
top left of the window and to the left is the password. When you want to change it start typing in password
text box and it will ask to authenticate with the password 'dave' then put in your own password and verify
it in the next text box. That's it.

Thanks
Shawn

So...it could very well be that it's the user (me) and not any fancy hack. It won't be the first time...lol. I'm going to go try what he said, though I swear i've done it before.
 
Turns out his solution was one of the ones I already tried...I emailed him again and told him how the 2 passwords were working on the one account. He said that shouldn't be happening and he'll try and figure out what's wrong. Though it could be weeks before he gets back to me...lol.

I think it has to have had something to do with how he got past my password in the first place...
 
That all shouldn't matter, really. It's not as if 10.3.2 or 10.3.3 had any special issues with 'many' passwords for 'one' account... No idea what's happening there... Can you just ask that tech guy what he did to circumvent your password protection? Straight out _ask_ him...
 
You could spend some money here (link removed) so you might have more bargaining power with your boss and your tech guy. Trust me, theyll take you seriously after that and won't mess with your system ever again.
 
You must log in or register to reply here.
Back
Top