Latest Loophole Allows Users To Reset OS X Firmware Passwords For $100

Ramish Zafar
Posted Jun 26, 2016
23Shares
Share Tweet Submit

Security and Apple are two things that often go hand in hand. After all, the primary reason behind Cupertino’s insistence of closed systems is that no unauthorized third parties should be able to access your systems, and most of the time, it seems to work out pretty well. However, we often find loopholes in its frameworks, and today, there’s one that can allow you to reset your Mac OS X firmware passwords without having to contact Apple’s Support team – or having to prove ownership of the device either.

Online SCBO Files For Sale Can Now Allow You To Reset Your Mac OS X Passwords For A Mere $100

Traditionally, if you forgot the firmware password on your Mac, the only solution that would allow you to reset it would have been to contact Apple’s support team. The Support team would then guide you to re-boot your device, during which a particular set of commands would have to be entered. After being requested to press the Shift, Control, Command, Option and S keys simultaneously, users would then be required to generate a code on their screen.

This code, when reported to Apple Support would then result in the team sending the user a SCBO file, which allows for the password on OS X to be removed, and therefore, reset. Prior to today’s findings, only Apple’s support team would have distribution access to these files, which require private encryption keys only available to Apple for generation. Now, according to security engineer fG!, these files are available online at a cost of $100, which should come as a cause of alarm for both users and Apple.

scbo_dxe_binary

And just like any other researcher out there, fG! then set out to verify whether these files actually work and allow a user to reset the firmware password on Mac OS X. While we won’t be getting into the technical bits of the reverse engineering here, the point is that it works, and you don’t have to contact Apple’s Support team in order to change or reset firmware passwords on OS X. In fact, according to fG!, there are tons of videos and sites out there claiming to have step by step processes of the task, so anyone interested should have plenty of options to conduct research of their own.

Another interesting implication of this news is that these SCBO files are virtually impossible to generate without access to Apple’s private encryption keys. This does lead to the fact that there might be proper loopholes present in Apple’s support framework that are allowing malicious parties with access to sensitive content; or perhaps elements inside the aforementioned staff might even be involved as well. Thoughts? Let us know what you think in the comments section below and stay tuned for the latest.

 

Share Tweet Submit