Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I sent steve jobs ([email protected]) an email saying that MacOS should have an unspoofable dialog for the system password authorization, same way they have for DRM videos etc. I also suggested the user could choose a secret phrase or image to be displayed in the dialog during system setup. Never heard back. This was when Steve was alive and in charge. And to this day anyone can spoof the system password dialog and steal the system password…
 help



I emailed him in 7th grade asking if Pages could automate bibliographies. In hindsight, EasyBib was good enough.

reply


>And to this day anyone can spoof the system password dialog and steal the system password

TouchID solves this in a sense.

reply


Make it look like the TouchID isn't working and switch to password mode, boom. User password obtained

reply


I always wonder about how easy that would be to spoof, because it seems like it'd be trivial.

reply


...but obtaining that phrase may be nontrivial.

reply


Sorry, I mean the current implementation seems trivial to spoof. I agree that doing something like your suggestion would make me feel much more comfortable about those logins.

reply


You mean what Vista introduced?

reply




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: