PGP Users Locked Out With Latest OS X Update


For the past day or so I’ve been seeing endless people tweeting about how the latest Mac OS X update b0rks your Mac if you are using PGP full disc encryption. It’s a pretty nasty bug, but thankfully it can be recovered from fairly easily.

If you are just looking for a quick solution, you can:

a) Not apply the update (as recommended by PGP)
b) Decypt your volumes, apply the update, then re-encrypt

Users of PGP’s Whole Disk Encryption for Macs got a nasty surprise when they upgraded to the latest OS X update once they discovered their systems were no longer able to reboot.

It seems that Apple and the Symantec-owned PGP suffered a near-fatal failure to communicate that 10.6.5 ships with a new EFI booter that was incompatible with the encryption software’s boot guard. As a result, the update rendered Macs using WDE as little more than expensive paperweights.

“PGP you DO HAVE A FREAKING DEVELOPERS LICENCE FOR APPLE RIGHT???” one outraged user vented here. “YOU CANNOT TEST SYSTEM RELEASES IN ADVANCE???”

It’s caused a massive backlash from the user-base with people hurling insults left, right and center. For the non-tech savvy user it’s pretty worrying when their system can’t even boot up and in most cases they probably have absolutely no idea what to do.

It seems like a lack of communication between PGP devs and Apple with regards to the new boot loader.


Test versions of the update have been available to developers for a while now, but it’s not clear if they included the new EFI booter. If not, the fault could lie with Apple. The world will probably never know.

Fortunately, a fix was provided Thursday morning that’s relatively painless. It involves booting off the PGP recovery CD and then logging in to OS X. An automatic self-repair process that’s part of the Mac bootup sequence will straighten out things from there. A variation on that theme is to put the bricked machine in target mode and boot from another Mac running PGP.

WDE users who have yet to install the update may safely do so by decrypting their systems before running the update, PGP said.

A fix was provided yesterday morning by PGP, the details are here:

Mac PGP WDE customers should not apply the recent Mac OS X 10.6.5 update

Source: The Register

Posted in: Apple, Cryptography

,


Latest Posts:


zBang - Privileged Account Threat Detection Tool zBang – Privileged Account Threat Detection Tool
zBang is a risk assessment tool for Privileged Account Threat Detection on a scanned network, organizations & red teams can use it to identify attack vectors
Memhunter - Automated Memory Resident Malware Detection Memhunter – Automated Memory Resident Malware Detection
Memhunter is an Automated Memory Resident Malware Detection tool for the hunting of memory resident malware at scale, improving threat hunter analysis process.
Sandcastle - AWS S3 Bucket Enumeration Tool Sandcastle – AWS S3 Bucket Enumeration Tool
Sandcastle is an Amazon AWS S3 Bucket Enumeration Tool, formerly known as bucketCrawler. The script takes a target's name as the stem argument (e.g. shopify).
Astra - API Automated Security Testing For REST Astra – API Automated Security Testing For REST
Astra is a Python-based tool for API Automated Security Testing, REST API penetration testing is complex due to continuous changes in existing APIs.
Judas DNS - Nameserver DNS Poisoning Attack Tool Judas DNS – Nameserver DNS Poisoning Attack Tool
Judas DNS is a Nameserver DNS Poisoning Attack Tool which functions as a DNS proxy server built to be deployed in place of a taken over nameserver to perform targeted exploitation.
dsniff Download - Tools for Network Auditing & Password Sniffing dsniff Download – Tools for Network Auditing & Password Sniffing
Dsniff download is a collection of tools for network auditing & penetration testing. Dsniff, filesnarf, mailsnarf, msgsnarf, URLsnarf, and WebSpy passively monitor a network


Comments are closed.