|
|
10.5.7 update
As far as I can determine, in 10.5.7, neither the OS, the Finder, Safari, Mail, Remote Desktop, Directory Utility, Terminal, nor Keychain Access store any passwords in RAM in a way that shows up as plain text in the sleepimage file. I did extensive testing and a sudo grep -a password /var/vm/sleepimage (the strings command won't run on a 4GB file) yielded nothing, even after changing my user password, logging out, logging in, restarting and updating the sleepimage file after every secure access in each app. (Note that if you want to try all this yourself, once you're done you'll need to exit your Terminal session, start a new one, and then edit out the entries in your .bash_history file which contain your password.)
The only time I was able to see a password show up in the sleepimage file was after running VMWare and logging into my Vista vm. That virtual machine's password showed up twice in plain text, so if you use VMWare, that may be a cause for concern although it didn't show up alongside any other strings which would identify it as a password so without knowing what it was already I doubt if anyone but an experienced hacker could fish it out. I didn't test every single app I have installed so it's possible there may be others that aren't safe to use but in general, it appears that Apple's software is not an issue. Ideally, of course, an option to encrypt the sleepimage file along with the swapfiles would be a great addition. BTW, my Late '08 MBP (w/7200rpm HD) updates the sleepimage file in just a few seconds when I close the lid so the time and battery issues described above shouldn't be much of an issue to users of the newer models - it's pretty seamless.
SmartSleep prefPane
The best of all possible worlds:
http://www.jinx.de/SmartSleep.html |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.07 seconds |
|