1. 2
  1.  

  2. 2

    Kind of vague, no? Preserving the existing failure case behavior is an important part of hiding a backdoor, I would think. Like if I backdoored sshd, I wouldn’t just permit anyone to login. This test is akin to “ssh root@localhost” and checking for a password prompt. Oh, good, I must be safe.

      1. 1

        Ah Unfortunate; I was able to reproduce this with a current version of XCode.

        Sure it asked for my Passphrase as I specified one; but I got no popup :(

        1. 1

          Same thing here (10.9, latest XCode).

          I’ll wait for more data before worrying.