Archive for February 24, 2022

Thursday, February 24, 2022

Passware Bypasses T2 Rate Limiting

Ben Lovejoy:

Until recently, however, it wasn’t practical to mount brute-force attacks on Macs with a T2 chip. This is because the Mac password is not stored on the SSD, and the chip limits the number of password attempts that can be made, so you’d instead have to brute-force the decryption key, and that is so long it would take millions of years.

However, 9to5Mac has learned that Passware is now offering an add-on module that can defeat Macs with the T2 chip, apparently by bypassing the features designed to prevent multiple guesses.


The process is still slower than usual, at a relatively sedate 15-ish passwords per second. In theory, this could still take thousands of years, but most people use relatively short passwords which are vulnerable to dictionary attacks. The average password length is just six characters, which can be cracked in around 10 hours.

Belkin CONNECT Pro Thunderbolt 4 Dock

Juli Clover:

It includes two Thunderbolt 4 ports (one upstream and one downstream), two HDMI 2.0 ports, a USB-C port, two USB 3.1 USB-A ports, two USB 2.0 USB-A ports, an SD card slot, a Gigabit Ethernet port, and a 3.5mm audio jack.

It’s $400, compared with $360 for the CalDigit one that had more Thunderbolt and USB ports (but no HDMI).


Google Drive Flags .DS_Store Files for Copyright Infringement

Malcolm Owen (tweet, Hacker News):

Users of Google Drive can potentially receive an email warning that a file of theirs “violates Google Drive’s Terms of Service,” specifically its copyright infringement policy. However, it appears that Google’s automated file scanning system has deemed a fairly common file as a false positive.

In posts to Reddit, as reported by Bleeping Computer, the system is being tripped up by “.DS_Store.” Specific to macOS, .DS_Store holds custom attributes relating to the folder it is contained within.


DYMO Label Printer RFID DRM

Mike Peterson (Hacker News):

The latest Dymo label printers sport RFID readers that can authenticate the labels that customers place within the printers. According to the Electronic Frontier Foundation, this allows Dymo to distinguish between first-party labels and cheaper alternatives.

Dymo touts the benefits of the chipped label paper in its sales literature, including auto-detection and remaining label counts. However, the chipping also forces Dymo customers to purchase first-party labels that are more expensive than many of their competitors.

It sounds like, if my current printer breaks, I won’t be able to use the remainder of the labels I’ve already purchased.


The chip inside each roll is a special NFC that identifies the label dimensions and remaining label count. The NFC comes pre-loaded with 0xFFFF-Count in a special register that increments when hit with a non-password protected NFC command emitted by the printer when any label is ejected. So even if you don’t print, you just eject, the labels are depleted. There seems to be a buffer at the end for this kind of “rewind” process or user error … but it’s limited. A roll of 50 labels might have a counter that can be hit 60 times. The command to reset this counter is password protected.

There are many label converters (print shops that make blank labels) bent out of shape about this. Moreover, there are entire industries (think dental offices) that have standardized their processes around custom die cut labels made specifically for their use case. Since DYMO won’t bless the labels, they will never work in the LabelWriter 550.

When the 550 was launched I started hearing about it from my customers. I bought one off Amazon and the reviews were terrible. A few weeks later I checked and DYMO deleted the 550 product page and renamed their older 450 to become the 550, effectively inheriting the thousands of decent reviews from the 450… hiding the upset customers of the 550.

Currently, at least, the DYMO 450 product page on Amazon seems to be intact, though that model is no longer for sale.


OneDrive Root Change and Files On-Demand

Adam Engst:

I don’t use OneDrive, but users are up in arms after its most recent update made the Files On-Demand approach mandatory, removing the option to keep all files local with a single switch. Microsoft explained this move, but users remain unhappy for a variety of reasons.

The workaround seems to be to “pin” files or folders, which keeps them local. If you want everything local, you have to pin all your top-level folders. Unfortunately, and this is causing consternation for users who have vast amounts of data stored in OneDrive, that means you have to redownload everything from the cloud.

Tim Hardwick:

What this has meant in practice for many users is that any local copies of files synced to OneDrive have been summarily wiped from their Mac since the update was rolled out.


On top of these errors, some users are also experiencing problems with files refusing to download or open correctly in their default application.

Tim Hardwick:

In an update to its original blog post introducing this aspect of its new “Files On-Demand Experience,” Microsoft has now responded to these concerns by explaining that the first version of Files On-Demand is built on several pieces of technology that are now deprecated by Apple in macOS 12.3, currently still in beta.

John C. Welch:

I don’t have a problem with FOD as a concept, but I had it turned off for specific reasons, one of which is that I regularly work disconnected, which makes FOD kind of useless.


OneDrive and FOD are at this point lying to me. It’s not even completely downloading the file placeholders for folders until you click on them. So if you weren’t aware of this, and were offline and clicked on a FOD’d folder, you’d think it was empty, that you had lost data.

John C. Welch:

To be blunt: were a random script or executable to do what OneDrive is doing here, namely deleting data without so much as a warning, we would call that script malware and warn the world about it so suitable countermeasures could be implemented. That OneDrive gives you an as yet manual method to eventually get all the files that were already local back to that benighted state doesn’t change the malware-like behavior OneDrive is engaging in here.


[Apple] required you to move the OneDrive folder, they most certainly did not make you force everyone to Files-On-Demand; insinuating otherwise is quite insulting to your customers’ intelligence.

John C. Welch:

Using OneDrive on an external drive is now a real problem, one that may not be fixable

A lot of workflows that depended on those files being in a specific place are broken


The OneDrive root change alone will take months to sort out, along with any bugs caused or discovered. Throwing the FoD change on top of it was just foolishness


In any event, even though I know for a fact that the problems people are seeing now were reported during the beta cycle, I think the team either blew off the data[…]