Latest security mess up - Apple this time

[Vanman]

Clowns the lot of them!

http://www.bbc.co.uk/news/technology-42161823

 

[Langtoftlad]

oops

First read that as typing in Groot, not Root

 

[Southdowners]

It only relates to the most recent operating system which I think was introduced a month or so ago - hopefully it won't affect too many people.

 

[Guigsy]

It was only a couple of months ago that Apple's new secure storage feature could be 'hacked' by clicking the password reminder button, which would show you the actual password.

 

[Allanm]

I think it’s only a problem if someone gets hold of your computer and physically types in the password field.

^{_{Subscribers  do not see these advertisements}}

 

[Deleted member 29692]

I've had a read about this today. There are a couple of points I'd make.

1. This is not a remote access hack. It requires the person to have physical possession of your computer. The biggest worry for most people is that their Mrs will get in and find their porn stash.

2. My MacBook is running High Sierra. Since I first read the story at about 6am this morning I've been trying to get into it using this method and haven't managed it yet. That suggests to me that either the problem isn't as serious as the media hysteria would have us believe or that Apple have already quietly patched it in the background.

 

[rb62]

You would have thought they would have solved the problem before letting people know how it could be done.....or is that being too generous

 

[The Wino]

If this was microsoft how the apple fans would have been crowing!!!

 

[Deleted member 29692]

You would have thought they would have solved the problem before telling people how to do it...or is that being too generous

They didn't tell people. The person that discovered it did.

Even then pretty much everyone is agreeing that this particular flaw is probably more useful for troubleshooting purposes than it would be for anything malicious.

 

[Deleted member 29692]

If this was microsoft how the apple fans would have been crowing!!!

Nah. It's taken as a given that anything from Microsoft is insecure anyway

^{_{Subscribers  do not see these advertisements}}

 

[Pausim]

I think it was discovered because Apple now pay a bounty to developers who can find a weakness. The temporary fix of adding a password to root access is straightforward and took me less than a couple of minutes.

 

[Vanman]

They're calling it a bug, but all Linux OS used to come designed with a ROOT account with no password. The first thing you had to do was set it up with a secure password. Guess Android, Linux and Apple have more in common than I know.

 

[JJ]

Couldn't have happened to a nicer company...


JJ

 

[Deleted member 29692]

They're calling it a bug, but all Linux OS used to come designed with a ROOT account with no password. The first thing you had to do was set it up with a secure password. Guess Android, Linux and Apple have more in common than I know.

Yes, IOS and OS X are historically Linux/Unix based.

That's never been any secret.

 

[Deleted member 29692]

I still haven't been able to break into my MacBook using this method

^{_{Subscribers  do not see these advertisements}}

 

[Gooney]

I've just gone onto my iMac and an urgent security update has been released today.

 

[Red Dragon]

Got into my apple using my pen knife,beautifully sweet it twas.