Apple security blunder exposes Lion login passwords in clear text

Printable View

Show 40 post(s) from this thread on one page

07-05-2012, 12:26 PM
Chippiewill

Apple security blunder exposes Lion login passwords in clear text

http://i.zdnet.com/blogs/mac_os_x_filevault_exposed.png

Quote:

An Apple programmer, apparently by accident, left a debug flag in the most recent version of the Mac OS X operating system. In specific configurations, applying OS X Lion update 10.7.3 turns on a system-wide debug log file that contains the login passwords of every user who has logged in since the update was applied. The passwords are stored in clear text.

http://www.zdnet.com/blog/security/a...ear-text/11963

I think this is a level beyond ******, what kind of programmer misses this.
08-05-2012, 01:03 PM
peteyt

And the "secure" macs get another blow
08-05-2012, 05:46 PM
xxMATTGxx

Bit stupid of them really. I wonder how long it will take them to fix it this time round.
08-05-2012, 06:02 PM
GommeInc

Quote:

Originally Posted by xxMATTGxx

Bit stupid of them really. I wonder how long it will take them to fix it this time round.

The question really should be: How long will it take for them to accept responsibility and not blame their users?
08-05-2012, 08:13 PM
Chippiewill

Quote:

Originally Posted by GommeInc

The question really should be: How long will it take for them to accept responsibility and not blame their users?

Aren't Apple products meant to be user-friendly?
08-05-2012, 09:31 PM
GommeInc

Quote:

Originally Posted by Chippiewill

Aren't Apple products meant to be user-friendly?

Obviously not but Apple will say that, then their fanbase lap it up like a cat to cream. Do not flame those who blindly follow their religion, but pity them.
10-05-2012, 07:36 PM
xxMATTGxx

Apple have now fixed the fault - http://www.neowin.net/news/apple-mac...-password-flaw
10-05-2012, 07:55 PM
Chippiewill

Considering they only had to disable some logging I'm surprised it took this long.
14-05-2012, 10:21 PM
HotelUser

Quote:

Originally Posted by xxMATTGxx

Bit stupid of them really. I wonder how long it will take them to fix it this time round.

Abit too long but I've seen a lot worse, got fixed in the end; didn't affect me same as the Java exploit although with OS X becoming increasingly more popular I'll soon be looking for an AV.

Quote:

Originally Posted by Chippiewill

what kind of programmer misses this.

One who's human.

Quote:

Originally Posted by Chippiewill

Aren't Apple products meant to be user-friendly?

Based on how well Apple is doing I would say that users think their products are quite user friendly, based on that same fact I'd say it's no surprise that folks are beginning to target OS X more often. If your Consumer Operating System is targeted for viruses I'd say that means it must be pretty successful.

Quote:

Originally Posted by GommeInc

The question really should be: How long will it take for them to accept responsibility and not blame their users?

Oh please, they're no worse then many other companies when it comes to pointing at users being stupid. Microsoft has been taking advantage of stupid people for years - just look at how many people still use Internet Explorer!!!
14-05-2012, 10:43 PM
GommeInc

Quote:

Originally Posted by HotelUser

*snip*

I see you've got a job mucking out the Apple stables :P Do you want a silver sword to go with your shield, Oh Apple knight in shining armour? :P Also, your example of IE and Microsoft is pretty lousy - first, you can use a different browser, and Microsoft doesn't call their users stupid for using IE, it's more self-inflicted and closer to home. Secondly, Microsoft tend to make it so their OS' do not do stupid things, like delete all user data after an update OR expose passwords. Besides, what I said was a joke but I guess Apple zealots can't take them and only exist to defend their religion.

Show 40 post(s) from this thread on one page