As our privacy rights are continually eroded in this country, we’ll probably begin seeing more applications like this one making an appearance. Although MacLockPick is supposedly not for sale to the general public (only licensed law-enforcement may purchase the product), we all know that these things tend to find an underground distribution chain. So, it’s best to be aware of these things.
It appears that MacLockPick makes use of the loose security settings that come standard on the Mac (especially KeyChain). These steps will greatly increase the security (and privacy) of your Mac.
- Go to the Utilities folder
- Open the KeyChain Access application
- Under ‘Edit’ select ‘Change settings for KeyChain …’
- In the Settings window, check ‘Lock after X minutes of inactivity’
- Also check ‘Lock When Sleeping’
If you use the ‘Remember passwords’ on your browser, you should also enable a master password (in FireFox) to encrypt this information.
I will report here as more information on how this software is able to defeat Mac OS X security appears.
