Everything

Security bug in OS X

This may not be news to everyone, but it was a bit of a discovery to me. Basically, if you use the Logitech software that came with your Revolution MX mouse and OS X, you might be in trouble.

This flaw allows users who lock their screen using the screen saver to bypass the security – simply by pressing the thumb wheel forward. That’s right. Once you do that, you can browse the computer and you can view documents using Quick Look. Pretty neat, eh?

My suggestion – sign out when you’re not at your machine and reprogram the mouse to not have shortcuts for Expose.

FWIW, this works much more reliably when my left monitor is rotated 90 degrees.  I’m not sure why this is, but when both monitors are oriented normally, this doesn’t seem to work. I have to believe this is an OS X problem and not a Logitech one.  Something in the Logitech software makes exploiting this easier, but the fundamental flaw still has to be with OSX.

And because I like Apple, I did this too:

Apple Bug Report
Apple Bug Report

Leave a Reply