Closed SteveKueng closed 10 years ago
Hi Steve,
You are right, you can copy over the system keychain in target disk mode. However, it is still encrypted using the SystemKey, which is has privileged read/write only (not hard to get around, though).
The only protections against this are
okey thanks :)
than the only way is encrypt the boot volume, because the firmware password isn't secure enough... My users will hate me... ;)
Hey there!
Your tool is really cool, but I tested something and I thing this is a little security problem.
1st partition ist NOT encrypted (Macintosh HD) 2nd partition is encrypted (Users)
So when I boot in target mode and go in to de Macintosh HD copy the system keychain to an other machine, install unlock on the this machine and boot, I can mount the Users partition without a password. I tested this on two Macs (10.9 and 10.8)
best regards Steve