KidM to CybersecurityEnglish · 4 months agoCritical 1Password flaws may allow hackers to snatch your passwords (CVE-2024-42219, CVE-2024-42218)www.helpnetsecurity.comexternal-linkmessage-square18fedilinkarrow-up199arrow-down11
arrow-up198arrow-down1external-linkCritical 1Password flaws may allow hackers to snatch your passwords (CVE-2024-42219, CVE-2024-42218)www.helpnetsecurity.comKidM to CybersecurityEnglish · 4 months agomessage-square18fedilink
minus-squaresatanmat@lemmy.worldlinkfedilinkEnglisharrow-up7arrow-down9·4 months agoAnd it is MacOS only… so. While yes this is very important - this is a very small target… Mac users who use 1Password
minus-squareli10@feddit.uklinkfedilinkEnglisharrow-up13·4 months agoDoesn’t sound like it would be that small of a target? I don’t know what the user distribution is like, but I imagine Mac users are a solid chunk of users for a “premium” password manager like this.
minus-squaresatanmat@lemmy.worldlinkfedilinkEnglisharrow-up1arrow-down5·4 months agoPerhaps, I am certain that it is a non zero number. But the majority of Apple users would use keychain (apples built in passwords management) first. Shrug. Ymmv
minus-squarebrlemworld@lemmy.worldlinkfedilinkEnglisharrow-up3arrow-down1·4 months agoIt works on android too… And web browsers
minus-squaresmooth_tea@lemmy.worldlinkfedilinkEnglisharrow-up6·4 months agoDoes nobody read the article? 1Password works on any platform but the attack is Mac only because it’s actually getting passwords from a Mac’s keychain through older versions of 1Password.
And it is MacOS only… so. While yes this is very important - this is a very small target… Mac users who use 1Password
Doesn’t sound like it would be that small of a target?
I don’t know what the user distribution is like, but I imagine Mac users are a solid chunk of users for a “premium” password manager like this.
Perhaps, I am certain that it is a non zero number. But the majority of Apple users would use keychain (apples built in passwords management) first.
Shrug. Ymmv
It works on android too… And web browsers
Does nobody read the article? 1Password works on any platform but the attack is Mac only because it’s actually getting passwords from a Mac’s keychain through older versions of 1Password.