Explore critical security research findings about password manager vulnerabilities in this DEF CON 32 conference talk that investigates the local attack surface of the MacOS desktop application. Dive into multiple discovered application vulnerabilities, security weaknesses, and inherent limitations in IPC mechanisms that could potentially compromise stored credentials. Learn about novel Google Chrome vulnerabilities affecting browser extensions and understand the implications of local system compromise on password security. Gain insights into how security researchers assess the safety of encrypted credentials when a computer system is infected or compromised, moving beyond standard encryption analysis to examine software implementation risks.
Finding and Exploiting Local Security Vulnerabilities in 1Password for MacOS
Overview
Syllabus
DEF CON 32 - Finding & exploiting local attacks on 1Password Mac desktop app - J. Hoffman, C. Morgan
Taught by
DEFCONConference
Related Courses
-
What to Expect When You're Exploiting - Zero-Day Vulnerabilities in Baby Monitors and Wi-Fi Cameras
-
MobileMesh RF Network Exploitation - Security Analysis and Vulnerabilities in goTenna Networks
-
Defeating ATM Disk Encryption - Security Vulnerabilities in Vynamic Security Suite
-
Hunting for macOS Application Logic Bugs - Local Privilege Escalation Vulnerabilities
