Technical Discussion
  >> Apple Issues


Register (or login) on our website and you will not see this ad.


Pages in this thread: 1 | 2 | [3] | 4 | 5 | (show all)   Print Thread
Standard User billford
(elder) Wed 29-Nov-17 14:19:40
Print Post

Re: High Sierra bug


[re: ian_c] [link to this post]
 
I must admit I'd forgotten that root has to be specifically enabled... I've never needed it.

I've always managed with sudo, and (not being particularly proficient at a Unix prompt) I'm very wary even of that crazy

It's a bit ironic that they missed this one but (in Sierra) removed ftp because it was insecure...

Bill
A level playing field is level in both directions.

_______________________________________Planes and Boats and ... ______________BQMs: IPv4 IPv6
Standard User ian_c
(eat-sleep-adslguide) Wed 29-Nov-17 14:36:29
Print Post

Re: High Sierra bug


[re: TinyMongomery] [link to this post]
 
Pretty much. An unencrypted system is vulnerable. More at 10.

Standard User billford
(elder) Wed 29-Nov-17 16:53:14
Print Post

Re: High Sierra bug


[re: billford] [link to this post]
 
Fixed.

Available in the App Store, no re-start required.

Bill
A level playing field is level in both directions.

_______________________________________Planes and Boats and ... ______________BQMs: IPv4 IPv6


Register (or login) on our website and you will not see this ad.

Standard User micksharpe
(legend) Wed 29-Nov-17 17:34:43
Print Post

Re: High Sierra bug


[re: billford] [link to this post]
 
It didn't take long for Apple to patch that nasty macOS High Sierra flaw that let intruders gain full administrator access (aka root) on your system. The company has released Security Update 2017-001, which should prevent people from gaining control over a Mac just by putting "root" in the username and hitting the Return key a few times. Needless to say, you'll want to apply this fix as soon as you can if you're running Apple's latest desktop OS.
If this is the first security update that Apple have issued this year, macOS must be really secure. Microsoft keep issuing them all the time.

'Sir, please,' she said ... 'Will you not share your wisdom with us?'
'I have no wisdom,' he told her.
'Your experiences, then?'
'They have been trivial, uninteresting, and full of error.'
Iain M. Banks -- Feersum Endjinn

Edited by micksharpe (Wed 29-Nov-17 17:35:10)

Standard User billford
(elder) Wed 29-Nov-17 17:50:32
Print Post

Re: High Sierra bug


[re: micksharpe] [link to this post]
 
In reply to a post by micksharpe:
If this is the first security update that Apple have issued this year, macOS must be really secure. Microsoft keep issuing them all the time.
An alternative interpretation is that MS security is [censored] tongue

It's the first security-only update this year but there have been several general OS updates in 2017. I can't remember if any included security updates as well, they probably did. I can't tell from the update history.


eta- iirc the update from 10.13 to 10.13.1 included the KRACK update, for example.

Bill
A level playing field is level in both directions.

_______________________________________Planes and Boats and ... ______________BQMs: IPv4 IPv6

Edited by billford (Wed 29-Nov-17 17:57:18)

Standard User micksharpe
(legend) Wed 29-Nov-17 17:56:47
Print Post

Re: High Sierra bug


[re: billford] [link to this post]
 
In reply to a post by billford:
An alternative interpretation is that MS security is [censored] tongue
laugh

'Sir, please,' she said ... 'Will you not share your wisdom with us?'
'I have no wisdom,' he told her.
'Your experiences, then?'
'They have been trivial, uninteresting, and full of error.'
Iain M. Banks -- Feersum Endjinn
Standard User TinyMongomery
(eat-sleep-adslguide) Wed 29-Nov-17 21:13:24
Print Post

Re: High Sierra bug


[re: micksharpe] [link to this post]
 
High Sierra is relatively recent.

Contrary to popular belief, security updates are - IMO - a good thing.

Fortunately, Apple issue quite a few security updates. https://support.apple.com/en-gb/HT201222

--------------------------------------------------------------------------
A lie gets halfway around the world before the truth has a chance to get its pants on.
Standard User TinyMongomery
(eat-sleep-adslguide) Thu 30-Nov-17 08:14:42
Print Post

Re: High Sierra bug


[re: billford] [link to this post]
 
An explanation here of exactly what went wrong: http://www.theregister.co.uk/2017/11/29/apple_macos_...

I have to revise my opinion - this was a bug in the OS, not just a misconfiguration of the defaults.

--------------------------------------------------------------------------
A lie gets halfway around the world before the truth has a chance to get its pants on.
Standard User Jay_Jay
(learned) Thu 30-Nov-17 09:52:33
Print Post

Re: High Sierra bug


[re: micksharpe] [link to this post]
 
In reply to a post by micksharpe:
If this is the first security update that Apple have issued this year, macOS must be really secure. Microsoft keep issuing them all the time.


I don't know about macOS, but Apple are obviously responsible for iOS (I have an iPad-Air)!!

In reply to a post by TinyMongomery:
Fortunately, Apple issue quite a few security updates. https://support.apple.com/en-gb/HT201222


From TM's Link:- for iOS-11 (which was initially released at the end of September), there have ALREADY been 6 Security Updates!!

Not quite up to Microsoft's "Every-Week", but nearly!!
Standard User billford
(elder) Thu 30-Nov-17 10:17:06
Print Post

Re: High Sierra bug


[re: Jay_Jay] [link to this post]
 
In reply to a post by Jay_Jay:
I don't know about macOS, but Apple are obviously responsible for iOS (I have an iPad-Air)!!
All companies get it wrong periodically... OS X Snow Leopard was great, Lion was less highly regarded, Mountain Lion wasn't bad, Mavericks had it's problems I believe, ditto Yosemite (I skipped those two), Sierra seemed OK, I'm not convinced about High Sierra.

Similar for Windows- the upgrade from XP to Vista wasn't universally recommended... that's about when I switched to Macs so can't comment on later versions. Even back in the days of DOS, there was a tendency to skip the even-numbered versions smile

IOS 11 seems to be another victim of this trait... I've stayed on IOS 10, I'll see what 12 looks like tongue

Bill
A level playing field is level in both directions.

_______________________________________Planes and Boats and ... ______________BQMs: IPv4 IPv6
Pages in this thread: 1 | 2 | [3] | 4 | 5 | (show all)   Print Thread

Jump to