Apple security blunder exposes Lion login passwords in clear text

[Chippiewill]

An Apple programmer, apparently by accident, left a debug flag in the most recent version of the Mac OS X operating system. In specific configurations, applying OS X Lion update 10.7.3 turns on a system-wide debug log file that contains the login passwords of every user who has logged in since the update was applied. The passwords are stored in clear text.

http://www.zdnet.com/blog/security/a...ear-text/11963

I think this is a level beyond ******, what kind of programmer misses this.

[peteyt]

And the "secure" macs get another blow

[xxMATTGxx]

Bit stupid of them really. I wonder how long it will take them to fix it this time round.

[GommeInc]

Bit stupid of them really. I wonder how long it will take them to fix it this time round.

The question really should be: How long will it take for them to accept responsibility and not blame their users?

[Chippiewill]

The question really should be: How long will it take for them to accept responsibility and not blame their users?

Aren't Apple products meant to be user-friendly?

[GommeInc]

Aren't Apple products meant to be user-friendly?

Obviously not but Apple will say that, then their fanbase lap it up like a cat to cream. Do not flame those who blindly follow their religion, but pity them.

[xxMATTGxx]

Apple have now fixed the fault - http://www.neowin.net/news/apple-mac...-password-flaw

[Chippiewill]

Considering they only had to disable some logging I'm surprised it took this long.

[HotelUser]

Bit stupid of them really. I wonder how long it will take them to fix it this time round.

Abit too long but I've seen a lot worse, got fixed in the end; didn't affect me same as the Java exploit although with OS X becoming increasingly more popular I'll soon be looking for an AV.

what kind of programmer misses this.

One who's human.

Aren't Apple products meant to be user-friendly?

Based on how well Apple is doing I would say that users think their products are quite user friendly, based on that same fact I'd say it's no surprise that folks are beginning to target OS X more often. If your Consumer Operating System is targeted for viruses I'd say that means it must be pretty successful.

The question really should be: How long will it take for them to accept responsibility and not blame their users?

Oh please, they're no worse then many other companies when it comes to pointing at users being stupid. Microsoft has been taking advantage of stupid people for years - just look at how many people still use Internet Explorer!!!

[GommeInc]

*snip*

I see you've got a job mucking out the Apple stables Do you want a silver sword to go with your shield, Oh Apple knight in shining armour? Also, your example of IE and Microsoft is pretty lousy - first, you can use a different browser, and Microsoft doesn't call their users stupid for using IE, it's more self-inflicted and closer to home. Secondly, Microsoft tend to make it so their OS' do not do stupid things, like delete all user data after an update OR expose passwords. Besides, what I said was a joke but I guess Apple zealots can't take them and only exist to defend their religion.