We live in different times. Apple’s macOS High Sierra
has had a security flaw which was rather simple to implement. A day later Apple has a fix. Were 100-million Mac users at risk? Of course not. Someone would need to have access to your Mac anyway. Such bugs are a part of the industry and are not likely to ever go away, but based upon the public backlash by members of the technorati elite politburo it’s the end of Apple as we know it.
Not hardly. Serious flaws are everywhere; Windows, Android OS, Linux, et al, but that list should include iOS and macOS.
When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8:00 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.
End of story? Not quite.
We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.
Move along. Nothing to see here.
It’s time to get over the mock outrage whenever a technology company does something wrong. I don’t remember this much 24-hour noise with Samsung’s flammable and exploding Galaxy Note 7 models last year.
Hey, guess what? Anyone can log into/wake up a local Mac running High Sierra with no password. THIS IS VERY VERY BAD.
Not as bad as you might think. Someone needs to have your Mac to access your Mac with this bug.
While awaiting a fix: control the physical access to your Mac. Lock it in a drawer/behind a door when unattended, or take it with you.
Why? Because the world is full of people who know how to implement the trick to take advantage of the bug, right? Wrong.
Apple: Stop focusing on making things thinner and stop skating to where the puck is going to be. FOCUS ON SHIPPING THINGS WITHOUT DANGEROUS DUMBASS BUGS.
Gimme a break, Andy.
Does anyone who knows how a tech business works think that the same designers and engineers who work on the Mac to make it thinner or prettier are the same ones who work on macOS? Apple’s engineering teams likely know how to walk and chew gum at the same time.
Is this kind of problem endemic at Apple or representative of a growing trend? No. Otherwise, show me the math. Was this a mistake? Yes. Was it corrected in a timely manner? Yes. Is it evidence of problems at Apple? No. Show me the math.
Ongoing advice: unless an OS update delivers a feature that solves problems for you, wait a few months before updating. There are often showstoppers lurking in the point zero release.
Months? Get real.
Andy is a pen collector.
It took me years to develop a successful Pen Strategy: I keep one or two nice pens that I try to keep track of, plus a HUGE BOX of cheap pens that I don’t care about losing, for bags, drawers, giving to people who need one, etc.
Oh. My. God. Lock that box, Andy! Anyone with physical access to that box of pens could, well, I don’t know. Maybe sit down and write absolutely ANYTHING and do it on your own paper! Oh, the humanity!
Less than 24-hours to fix a flaw in macOS High Sierra seems like a good response to an issue that so far has affected absolutely no Mac-owning human on earth except the poor engineer in charge of password security on macOS.
UPDATE – the fix itself was an automatic push to most affected Macs, but even that fix has caused a few problems, prominently displayed on MacRumors.