PGP Users Locked Out With Latest OS X Update


For the past day or so I’ve been seeing endless people tweeting about how the latest Mac OS X update b0rks your Mac if you are using PGP full disc encryption. It’s a pretty nasty bug, but thankfully it can be recovered from fairly easily.

If you are just looking for a quick solution, you can:

a) Not apply the update (as recommended by PGP)
b) Decypt your volumes, apply the update, then re-encrypt

Users of PGP’s Whole Disk Encryption for Macs got a nasty surprise when they upgraded to the latest OS X update once they discovered their systems were no longer able to reboot.

It seems that Apple and the Symantec-owned PGP suffered a near-fatal failure to communicate that 10.6.5 ships with a new EFI booter that was incompatible with the encryption software’s boot guard. As a result, the update rendered Macs using WDE as little more than expensive paperweights.

“PGP you DO HAVE A FREAKING DEVELOPERS LICENCE FOR APPLE RIGHT???” one outraged user vented here. “YOU CANNOT TEST SYSTEM RELEASES IN ADVANCE???”

It’s caused a massive backlash from the user-base with people hurling insults left, right and center. For the non-tech savvy user it’s pretty worrying when their system can’t even boot up and in most cases they probably have absolutely no idea what to do.

It seems like a lack of communication between PGP devs and Apple with regards to the new boot loader.


Test versions of the update have been available to developers for a while now, but it’s not clear if they included the new EFI booter. If not, the fault could lie with Apple. The world will probably never know.

Fortunately, a fix was provided Thursday morning that’s relatively painless. It involves booting off the PGP recovery CD and then logging in to OS X. An automatic self-repair process that’s part of the Mac bootup sequence will straighten out things from there. A variation on that theme is to put the bricked machine in target mode and boot from another Mac running PGP.

WDE users who have yet to install the update may safely do so by decrypting their systems before running the update, PGP said.

A fix was provided yesterday morning by PGP, the details are here:

Mac PGP WDE customers should not apply the recent Mac OS X 10.6.5 update

Source: The Register

Posted in: Apple, Cryptography

,


Latest Posts:


Sooty - SOC Analyst All-In-One CLI Tool Sooty – SOC Analyst All-In-One CLI Tool
Sooty is a tool developed with the task of aiding a SOC analyst to automate parts of their workflow and speed up their process.
UBoat - Proof Of Concept PoC HTTP Botnet Project UBoat – Proof Of Concept PoC HTTP Botnet Project
UBoat is a PoC HTTP Botnet designed to replicate a full weaponised commercial botnet like the famous large scale infectors Festi, Grum, Zeus and SpyEye.
LambdaGuard - AWS Lambda Serverless Security Scanner LambdaGuard – AWS Lambda Serverless Security Scanner
LambdaGuard is a tool which allows you to visualise and audit the security of your serverless assets, an open-source AWS Lambda Serverless Security Scanner.
exe2powershell - Convert EXE to BAT Files exe2powershell – Convert EXE to BAT Files
exe2powershell is used to convert EXE to BAT files, the previously well known tool for this was exe2bat, this is a version for modern Windows.
HiddenWall - Create Hidden Kernel Modules HiddenWall – Create Hidden Kernel Modules
HiddenWall is a Linux kernel module generator used to create hidden kernel modules to protect your server from attackers.
Anteater - CI/CD Security Gate Check Framework Anteater – CI/CD Security Gate Check Framework
Anteater is a CI/CD Security Gate Check Framework to prevent the unwanted merging of filenames, binaries, deprecated functions, staging variables and more.


Comments are closed.