PGP Users Locked Out With Latest OS X Update


For the past day or so I’ve been seeing endless people tweeting about how the latest Mac OS X update b0rks your Mac if you are using PGP full disc encryption. It’s a pretty nasty bug, but thankfully it can be recovered from fairly easily.

If you are just looking for a quick solution, you can:

a) Not apply the update (as recommended by PGP)
b) Decypt your volumes, apply the update, then re-encrypt

Users of PGP’s Whole Disk Encryption for Macs got a nasty surprise when they upgraded to the latest OS X update once they discovered their systems were no longer able to reboot.

It seems that Apple and the Symantec-owned PGP suffered a near-fatal failure to communicate that 10.6.5 ships with a new EFI booter that was incompatible with the encryption software’s boot guard. As a result, the update rendered Macs using WDE as little more than expensive paperweights.

“PGP you DO HAVE A FREAKING DEVELOPERS LICENCE FOR APPLE RIGHT???” one outraged user vented here. “YOU CANNOT TEST SYSTEM RELEASES IN ADVANCE???”

It’s caused a massive backlash from the user-base with people hurling insults left, right and center. For the non-tech savvy user it’s pretty worrying when their system can’t even boot up and in most cases they probably have absolutely no idea what to do.

It seems like a lack of communication between PGP devs and Apple with regards to the new boot loader.


Test versions of the update have been available to developers for a while now, but it’s not clear if they included the new EFI booter. If not, the fault could lie with Apple. The world will probably never know.

Fortunately, a fix was provided Thursday morning that’s relatively painless. It involves booting off the PGP recovery CD and then logging in to OS X. An automatic self-repair process that’s part of the Mac bootup sequence will straighten out things from there. A variation on that theme is to put the bricked machine in target mode and boot from another Mac running PGP.

WDE users who have yet to install the update may safely do so by decrypting their systems before running the update, PGP said.

A fix was provided yesterday morning by PGP, the details are here:

Mac PGP WDE customers should not apply the recent Mac OS X 10.6.5 update

Source: The Register

Posted in: Apple, Cryptography

,


Latest Posts:


GitLab Watchman - Audit Gitlab For Sensitive Data & Credentials GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials
GitLab Watchman is an app that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally, this includes code, commits, wikis etc
GKE Auditor - Detect Google Kubernetes Engine Misconfigurations GKE Auditor – Detect Google Kubernetes Engine Misconfigurations
GKE Auditor is a Java-based tool to detect Google Kubernetes Engine misconfigurations, it aims to help security & dev teams streamline the configuration process
zANTI - Android Wireless Hacking Tool Free Download zANTI – Android Wireless Hacking Tool Free Download
zANTI is an Android Wireless Hacking Tool that functions as a mobile penetration testing toolkit that lets you assess the risk level of a network using mobile.
HELK - Open Source Threat Hunting Platform HELK – Open Source Threat Hunting Platform
The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing etc
trape - OSINT Analysis Tool For People Tracking Trape – OSINT Analysis Tool For People Tracking
Trape is an OSINT analysis tool, which allows people to track and execute intelligent social engineering attacks in real-time.
Fuzzilli - JavaScript Engine Fuzzing Library Fuzzilli – JavaScript Engine Fuzzing Library
Fuzzilii is a JavaScript engine fuzzing library, it's a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language.


Comments are closed.