Search the Site

My Social
Meta
Powered by Squarespace

Entries in SafeSign (4)

Thursday
Apr222010

SafeSign and Apple OSX Snow Leopard

Last week I got an e-mail from one of the product managers @ AET Europe regarding the availability of SafeSign / Tokenlounge for OSX Snow Leopard.

The content of the e-mail wasn't very encouraging.... It seems that the Snow Leopard of SafeSign / Tokenlounge release is delayed by a bug in the Apple Keychain;

---------
We use systemkeychain -T to create a login keychain (for a new FV user) associated with our token. When trying to unlock this newly created keychain during login with the smartcard, we get prompted with the "unable to unlock login keychain" panel - as you have observed -.
This is basically our main concern, as this was perfectly running under 10.5. Any idea why the system wants to update the login keychain password, prompting the user with that panel???

What we have discovered beside, is that when you click Create New Keychain on that panel, the keychain gets encrypted with the PIN of the smartcard instead of the RSA key, which is a major security issue (Same behavior if you click Update Keychain Password)...
You can easily verify this last issue by removing your smartcard, launching Keychain Access and entering your PIN code to unlock the keychain...

Once again, we didn't have this kind of problems with Leopard.

As long as this issue isn't resolved, there will be no version for Snow Leopard. The (security) risk is just too big.
-------------

So, we need to be patient, and wait till Apple solves this. In the mean time, when you need the SafeSign software for your every day work, you shouldn't upgrade to Snow Leopard.

Check the follow-up on the original SafeSign post for the availability on the Leopard version of SafeSign / Tokenlounge.

Thursday
Dec112008

Uninstall SafeSign on OSX

While the installation of the SafeSign software is relatively easy, the removal of the software is a bit harder. The installation package lacks an automated removal feature. So removing the driver/application must be done by hand.

The removal of the software (both the SafeSign as well as the TokenLounge software) can be reconstructed by analyzing the original packages/installation scripts.

WARNING: Before you continue, you need to realize that this uninstall procedure is without ANY warranties. So make a backup BEFORE proceding.

Click to read more ...

Wednesday
Dec102008

SafeSign and OSX

Updated on Thursday, April 22, 2010 at 22:07 by Registered CommenterWillem

After my blog post on OSX and Aladdin eToken I received a phonecall from Haaino @ AET Europe. He offered the SafeSign software for OSX so I could try their OSX software as well.

The SafeSign software is used with smartcards and smartcard readers like the OmniKey smartcard readers. Through my line of work, no lack of smartcards and/or readers. Only the software was missing (up till now).

Click to read more ...

Thursday
Dec042008

OSX and Aladdin eToken

Due to the nature of my work, and my fondness of Apple products I wasn't able to get my Aladdin eTokens working with OSX. After several months of not trying to crack this I decided to try it again.
The trigger for me was stumbling on the possibility of adding so-called keyfiles to the eToken for accessing TrueCrypt volumes.

First challenge was the eToken PKI software for OSX... Thankfully I'm a Certified eToken guru, so I've got access to their download area (you will have to get your own software). The current version of the eToken software for OSX is v4.55. I installed the Aladdin software on OSX 10.5.5.

Click to read more ...