Subtitle: Insecurely Yours
The Apple Hack instructions:
(in some cases repeat steps 4 to 7 a few times)
For the benefit of "I am far too important to need to know about any technical details of my computer" kind of user, a demographic that for the most part defines the Apple Computer user, be aware that
- Your Apple computer runs the Operating System called macOS
macOS (previously known as OS X) is based on UNIX, and has kernel origins in Mach
- The root user, also known as the Superuser has supreme rights on your system
- Anybody who is logged on as the root user can destroy your entire computer in seconds
(For example a root user could type at the terminal rm -rf / )
I tested it
I am always skeptical of scaremongering, especially when in this case the severity of this threat, or compromise is so high as to say "this bug is just impossible", "nobody could have coded in this amount of stupidity"
But unfortunately, I did test it, and the above instructions are the result of a successful logon to an Apple Mac Mini, running macOS 10.13.1 i.e. the highest level High Sierra, with all Operating System patches applied as of early November 2017.
Here are some links then
How to Fix it Then?
- Set a specific root password that you only know about
(Open terminal and type: sudo passwd -u root )
- Download the official Apple Software Update
Here we see the Software Update listed (click apple in top left, About this Mac, Software Update)
Now we see from this Terminal Command that the fix is installed (2017-001)
Sooner or later ever major computer vendor experiences an embarrassing Software Bug of such magnitude that those in the know will be laughing and joking about it years later.
This total compromise of Apple security at the latest High Sierra version 10.13.1 of Apple's flagship Operating System will have Apple cringing for years to come.
Every Windows user, and every Linux user now has the classic line "Remember when you could logon without a password" stored up ready when the next smug Apple user starts pontificating, and believe you me, that does happen rather frequently.
Apple discloses vulnerability