Remember that:
- They learned about this yesterday
- They had as much heads up as the general public did
- They are a large company.
If it’s like everything else, it’s probably ancient and crufty. The dude who wrote it probably cashed out years ago. Some engineer rushed through and made the original worst-case-scenario error, and the guys cleaning up the mess made this error, which is understandable given the severity of the problem.
For a company like Apple that prints money, it’s irresponsible and reflective of a broken engineering process. Personally I’m angry about this because on iOS, we’re 100% dependent on their engineering process to protect my customer’s data. Hopefully that trust is well placed.
If they don’t want to maintain Macs, don’t make them.
As to why the LocalKDC exists? How can you do secure peer-to-peer authentication without relying on some sort of global (and broken) or private PKI infrastructure? SRP wasn't an option at the time.
I am sorry you are upset. Apple is really, really serious about protecting customer data. I encourage the reading of the Apple iOS Security Guide - it describes hardware and software techniques used to protect your data. There is also the 2016 Blackhat presentation by Ivan Krstic that gives more insight into the Secure Enclave.
Like, I seriously hope this was just an oversight in the testing system somehow - but I'm really rather concerned that Apple is not testing these things as rigorously as it should be/used to be.
This is such a fundamentally corrupt security issue that we all have to increase our levels of suspicion over the QA team at Apple. Truly a shocking hole.
This is a major fuckup the kind of which should be illegal.
Aren't Apple forums mostly meant as self-help forums, with minimal monitoring by Apple?
It looks like one person posted it two weeks ago, not as a bug or security problem but as a solution to the problem that the original poster had, not realizing it was a bug. People didn't seem to notice it and start talking about it there until yesterday.
I would guess that any developers at Apple that check the developer forums just look at the first post to see what problems people are reporting, and a few of the replies to see if others are seeing the problem and see what workarounds people have found.
In this particular thread that first post was in June, and by early July someone had posted a fix. Some people had trouble with that and someone posted a more detailed fix in the middle of October.
I doubt any developers would be still following that thread on November 13th, when the root bug was posted.
As far as moderators go, I'd expect that they just skim the posts to make sure they don't violate any major rules.
That's why you hire best engineers, product managers and QA people and establish processes that let you do exactly that. Trouble is Apple's treating everything like toys nowadays.
Surprising though how many people are willing to give a free pass to an almost trillion dollar company.
Also you realise Apple's asking their customers to run terminal commands - even MS has fixits that just do it :)
Also, though the patch does introduce this new bug, it's hardly a show-stopper, it has a simple fix, it will likely affect a tiny percentage of users, and I'm sure be resolved in a future release.
Nope.
- They had as much heads up as the general public did
I.e. two weeks.
- They are a large company.
That's a point to their discredit. For a garage op, this would be acceptable.
Haven’t even bothered to try and repair it. It shipped with one of those crappy slow HD’s Apple used to save money.
Then what are you complaining about? It isn’t magic, things do break sometimes.
But it should definitely refrain from bricking the machine... that’s a bummer.
I’m not sure if file sharing is broken for me. I don’t use it right now. But I’m afraid I might run into this bug in the future when I eventually use file sharing, and then I will have forgotten about this fix, and end up spending hours scratching my head and head-desking.
I can’t even install 10.13.1 on my Mac Pro 2013 - computer acts like its bricked until rebooted a number of times (and when it finally boots we’re back at 10.13).
This also means I can’t install the latest security update that fixes the root problem (and yes, i’ve changed the root password to mitigate).
OSX is becoming more like Windows every day.