
Apple Security Blunder Exposes Lion Login Passwords In Clear Text

samzenpus posted more than 2 years ago | from the whoops dept.

Bug 205

An anonymous reader writes "An Apple programmer, apparently by accident, left a debug flag open in the most recent version of its Mac OS X operating system. In specific configurations, applying the OS X Lion update 10.7.3 turns on a system-wide debug log file that contains the login passwords of every user who has logged in since the update was applied. The passwords are stored in clear text."


Absolute garbage! (-1, Offtopic)

feastoola (2632987) | more than 2 years ago | (#39909353)

Return.
You can return.
You may return.
You must return.
You shall return.
Return now...to gamemakerdom!

Did you know? The most popular software systems such as Windows, YouTube, and Facebook are written in gamemaker.

Gamemaker
Pushing programming to its most absolute limits.

Re:Absolute garbage! (-1, Offtopic)

NeverSuchBefore (2613927) | more than 2 years ago | (#39909407)

Have you ever been chronically depressed to the point where you were contemplating suicide? I was once in that situation; I had a bad habit of beating my wife and two daughters with various objects, couldn't hold down a job, and was about to lose my house.

But I got better. I now have a high-paying job, a beautiful house, a stupendous car, and my family loves me dearly. How did I go from being a depressed loser to an all-around winner? I started using Gamemaker.

That's right. I returned to Gamemakerdom, and my life changed for the better! You should too.

Return, return, return, return, return to Gamemakerdom!

Re:Absolute garbage! (0, Offtopic)

HeavyDDuty (2506392) | more than 2 years ago | (#39909441)

pathetic.

Re:Absolute garbage! (-1, Flamebait)

SnappingJones (2633041) | more than 2 years ago | (#39909515)

I know. I know all too well how it feels to be pathetic. I got over it, my friend.

Your cries for help will not be ignored. I will tell you how you can stop feeling pathetic: start using Gamemaker.

Switch to Gamemaker. Use Gamemaker. Why not use Gamemaker? There is not a single reason not to use Gamemaker.

Return to Gamemakerdom!

Re:Absolute garbage! (1, Offtopic)

mark-t (151149) | more than 2 years ago | (#39909959)

There is not a single reason not to use Gamemaker.

I might suggest that your endorsement might have given several people a reasonably compelling reason not to use it.

If you sincerely are advocating that product, you may want to consider altering your sales pitch so that you don't sound so much like a snake-oil sales vendor. Otherwise, you just sound like a raving lunatic.

Of course... if that was your intent. Carry on. Expect to be downmodded, however.

Re:Absolute garbage! (-1, Troll)

Viol8 (599362) | more than 2 years ago | (#39909709)

"where you were contemplating suicide? I was once in that situation;"

Hopefully you'll be in that situation again and you'll do us all a favour and actually do it. Then we won't have to put up with your spam on here and the world won't miss a loser like you anyway.

Great (5, Funny)

lemur3 (997863) | more than 2 years ago | (#39909357)

now i can find out what my password is.

ive been resisting a reboot for ages!

Re:Great (3, Informative)

cbreak (1575875) | more than 2 years ago | (#39909389)

Only if you entered it after the update and within the expiration date apparently. And you probably need local admin rights. Not a big hurdle if you're sitting in front of the computer.

Re:Great (-1, Troll)

TheThinkingGuy (2633039) | more than 2 years ago | (#39909487)

I think it's funny that people complain about this while still happily submitting their clear-text passwords to Google. From there it goes to any non-honest Google admin [gawker.com] to use and exploit. On top of that most people use the same password everywhere, so you're basically giving Google access to everything you have. Really wise, indeed.

Re:Great (2, Interesting)

Anonymous Coward | more than 2 years ago | (#39909583)

Oh hi there, InterestingTechGuysIn140Bytes. I was kinda wondering when you'd get a new account after you'd blown your last [slashdot.org] previous [slashdot.org] three [slashdot.org].

Re:Great (1)

leuk_he (194174) | more than 2 years ago | (#39909635)

Google already has everything about you. There are barely any laws that protect you from the gathering Google does. Why complain about the plain text part?

Re:Great (0)

chrb (1083577) | more than 2 years ago | (#39909685)

I think it's funny that people complain about this while still happily submitting their clear-text passwords to Google.

You mean that people are submitting a password to authenticate themselves to a web site? The horror! Google should obviously do whatever it is that Microsoft and Apple are doing to authenticate their web users...

Re:Great (1, Troll)

TheThinkingGuy (2633039) | more than 2 years ago | (#39909769)

I know you're being sarcastic, but yes, they should. There are companies that actually care about users' privacy and make an md5 hash of the password on the client side. Google does not. This despite the fact that their services need JavaScript enabled, so saying that the user might have JS disabled is no valid excuse. Hashing the password on the client side would greatly increase security and show that the company actually cares about its users.

Re:Great (5, Informative)

beelsebob (529313) | more than 2 years ago | (#39909873)

Yes, because having a known md5 hash to transmit in plain text is much more secure than having a known password to submit in plain text.

If you want to do this properly, you use SSL for login (and possibly more) or you implement a secure password exchange protocol (e.g. SRP).

Re:Great (0)

Anonymous Coward | more than 2 years ago | (#39910441)

Actually, it is a little better because at least you can't test using the same password at a different website. But, really, what LiveJournal actually does is implement a challenge-response scheme in Javascript. If you have Javascript enabled, what it transmits back is a hash of your password and the challenge string concatted together. You still have the problem that the server knows your plaintext password (fixable by more hashing) but at least it isn't sent to the server on every login. See Digest access authentication [wikipedia.org] for an actually correctly implemented version of this.

Re:Great (5, Interesting)

icebraining (1313345) | more than 2 years ago | (#39910069)

You obviously have no fucking clue of what you're saying. If you hash the pass before sending, then what happens if someone sniffs the connection? They can just send the hash!

The hash effectively becomes the password.

So no, it doesn't increase security. But you know what does? Two-factor authentication. And do you know which big consumer-oriented company started offering that first? I'll give you a hint [google.com].

Re:Great (5, Informative)

gutnor (872759) | more than 2 years ago | (#39910371)

The hash effectively becomes the password.

Come on now, nobody simply hashes the password: you timestamp it and salt it first, then hash it. That is how it is done, and you know it. So yes, the parent is incorrect, but saying that hashing is useless is misinformation. If you properly hash, a sniffer will be able to use the hash as a password only once. So that is a man in the middle; that sucks, but it is not the complete pwnage you suggest it is.
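To make the replay argument of the last few posts concrete, here is an added example (not from any poster in this thread, and not the real login protocol of Google, LiveJournal or anyone else). It models two servers: one that accepts a fixed client-side MD5 of the password, as proposed above, and one that issues a fresh random nonce per login and expects HMAC(password, nonce) back, which is the "timestamp and salt it first" idea in its simplest form. The user name, password, class names and function names are all constructed stand-ins.

```python
import hashlib
import hmac
import secrets

# Constructed sample account; nothing here is a real credential.
USERS = {"alice": "correct horse battery staple"}


def static_client_hash(password: str) -> str:
    """What 'hash it on the client' sends: the same MD5 every single time."""
    return hashlib.md5(password.encode()).hexdigest()


class StaticHashServer:
    """Accepts the fixed client-side hash. Whatever a sniffer captures IS the credential."""

    def __init__(self, users):
        self.db = {u: static_client_hash(p) for u, p in users.items()}

    def login(self, user: str, client_hash: str) -> bool:
        return hmac.compare_digest(self.db.get(user, ""), client_hash)


class ChallengeResponseServer:
    """Issues a fresh random nonce per login attempt and expects HMAC(password, nonce).
    The server still holds the password (the 'fixable by more hashing' caveat above
    applies), but a captured response only works for the nonce it answered."""

    def __init__(self, users):
        self.db = dict(users)
        self.pending = {}  # user -> outstanding nonce, consumed on use

    def challenge(self, user: str) -> str:
        nonce = secrets.token_hex(16)
        self.pending[user] = nonce
        return nonce

    def login(self, user: str, response: str) -> bool:
        nonce = self.pending.pop(user, None)  # single use: a retry needs a new challenge
        if nonce is None or user not in self.db:
            return False
        expected = client_response(self.db[user], nonce)
        return hmac.compare_digest(expected, response)


def client_response(password: str, nonce: str) -> str:
    """Client side of the challenge-response: bind the secret to this nonce only."""
    return hmac.new(password.encode(), nonce.encode(), hashlib.sha256).hexdigest()


def replay_against_static() -> tuple:
    """Sniffer captures one legitimate login, then replays it. Returns (legit, replay)."""
    srv = StaticHashServer(USERS)
    sniffed = static_client_hash(USERS["alice"])
    return srv.login("alice", sniffed), srv.login("alice", sniffed)


def replay_against_challenge() -> tuple:
    """Same sniffer, same replay, against the nonce-based server."""
    srv = ChallengeResponseServer(USERS)
    sniffed = client_response(USERS["alice"], srv.challenge("alice"))
    legit = srv.login("alice", sniffed)
    srv.challenge("alice")  # the next session is bound to a different nonce
    return legit, srv.login("alice", sniffed)


def wrong_password_against_challenge() -> bool:
    """A guessed password produces a response the server rejects."""
    srv = ChallengeResponseServer(USERS)
    return srv.login("alice", client_response("not the password", srv.challenge("alice")))


if __name__ == "__main__":
    print("static hash (legit, replay):", replay_against_static())      # (True, True)
    print("challenge   (legit, replay):", replay_against_challenge())   # (True, False)
```

The replay fails against the nonce server, which is the "only once" point made above: an active man in the middle can still forward the one live response, and the server still has to know the password (or a derived verifier) to check it. Neither variant replaces SSL/TLS or a real password-exchange protocol such as SRP for the login itself; it only stops passive capture-and-replay.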

Re:Great (1)

Anonymous Coward | more than 2 years ago | (#39909887)

Wow, nice FUD. The article you linked doesn't mention passwords at all, and as an engineer at Google I can confirm that it's impossible to actually get user passwords. ... but keep trolling, Microsoft shill.

Re:Great (0)

Anonymous Coward | more than 2 years ago | (#39910161)

Sure, we believe you random guy on the internet.

Hi bonch! (0)

Anonymous Coward | more than 2 years ago | (#39910143)

What are you upto today bonch? Anything exciting?

Just more shilling? :( Well that's too sad. Please take it easy today and don't shill too much bonch!

malware (4, Funny)

Anonymous Coward | more than 2 years ago | (#39909359)

apple even ships their own malware.

Re:malware (4, Insightful)

mr100percent (57156) | more than 2 years ago | (#39909553)

considering how this only affects people who used FileVault encryption on their Mac prior to Lion, then upgraded to Lion but kept the folders encrypted using the legacy version of FileVault, I hardly think this will be a popular vector for any attacks, malware or otherwise.

Re:malware (5, Funny)

IamTheRealMike (537420) | more than 2 years ago | (#39909697)

Oh yes, you're right. It sounds like it only impacts people who actually want / need security. So that's OK then.

Re:malware (2, Informative)

mr100percent (57156) | more than 2 years ago | (#39909751)

People who actually want security wouldn't be using an older, and slower, version of FileVault in the latest OS and also ignoring the message telling them to upgrade the FS to the latest version.

Re:malware (1)

epine (68316) | more than 2 years ago | (#39910151)

People who actually want security and don't have insanely busy lives and didn't buy a Mac for precisely the reason of not having to dress like a plumber and promptly read and obey plumber guild news bulletins wouldn't be using an older, and slower, version of FileVault in the latest OS and also ignoring the message telling them to upgrade the FS to the latest version.

I don't have a Mac because I kind of enjoy participating in the anal retentive guild of digital grooming. Inference from logic shouldn't be used on people who own Macs. That's really stupid if you've ever checked out what that kind of person cares about.

If Apple wants to play the paternalistic "let us decide and pamper you" card then they need to not mess it up. No excuses.

Re:malware (5, Informative)

Smurf (7981) | more than 2 years ago | (#39909763)

Oh yes, you're right. It sounds like it only impacts people who actually want / need security. So that's OK then.

No, because the people who actually want/need security would have already turned off the legacy FileVault (i.e., the one that only encrypts the user's home directory leaving the system directory where the log file in question is located unprotected) and turned on the new FileVault which encrypts the whole disk, including all system directories. That was one of the few really compelling features of Lion.

BTW, this is a Mac OS X 10.7.3-specific issue. It does not affect users of pre-Lion systems which only have the legacy FileVault option.

Re:malware (1)

michelcolman (1208008) | more than 2 years ago | (#39909775)

Those would have upgraded to the new version of Filevault with full disk encryption to replace the legacy version that had plenty of drawbacks.

Re:malware (-1, Flamebait)

tsa (15680) | more than 2 years ago | (#39909707)

So? MS has been doing that for the past thirty years or so.

Re:malware (1)

muon-catalyzed (2483394) | more than 2 years ago | (#39909795)

Expect it announced as a feature, a friendly user password lookup. They got away with worse things like kernel crashing, OS without copy&paste..

What is that sound? (0)

Anonymous Coward | more than 2 years ago | (#39909375)

Oh, it is the sound of Google and Microsoft doing the LMAO and rolling on the floor. No chairs to throw today - except maybe in Cupertino...

Re:What is that sound? (0)

jo_ham (604554) | more than 2 years ago | (#39909395)

Chairs?! Pfff.

Don't you know us Mac users simply float in the air due to our own sense of self-importance repelling us from doing anything as "normal" as sitting on the ground?

Re:What is that sound? (-1, Offtopic)

NeverSuchBefore (2613927) | more than 2 years ago | (#39909423)

You're a pathetic loser. The fix? Use Gamemaker. Return to Gamemakerdom!

Re:What is that sound? (0)

iggymanz (596061) | more than 2 years ago | (#39909681)

imbibing chemicals that fool your brain into believing you are floating does not mean you are levitating in the real world, you danged mac hippie

Re:What is that sound? (1, Offtopic)

tsa (15680) | more than 2 years ago | (#39909749)

You are wrong my friend. It's your disbelief that makes you see us sitting down but in reality we do no such thing.

Ouch! (1)

jo_ham (604554) | more than 2 years ago | (#39909379)

It's a good job that my password is also the combination to my luggage.

In before "lol Mac users deserve this".

That makes for quite the dangerous security breach.

Really? (0)

Anonymous Coward | more than 2 years ago | (#39909385)

TFA mentioned filevault, they're reusing system passwords for that are they?

Re:Really? (5, Informative)

michelcolman (1208008) | more than 2 years ago | (#39909509)

Your login password also unlocks the encryption password for FileVault. The login passwords were apparently logged in a file outside of the encrypted image. (Only for the old pre-lion version of FileVault running under Lion)

Re:Really? (0)

Anonymous Coward | more than 2 years ago | (#39909791)

Thanks, that's exactly what it says and I can read :-) Is this only if you're using FileVault? I didn't upgrade to Lion due to the stupid mobile-oriented features; I'm assuming FileVault isn't enabled by default?

Re:Really? (2)

jo_ham (604554) | more than 2 years ago | (#39909891)

No, it's off by default, and if you don't use FileVault (the legacy version) you are effectively not affected - your disk is not encrypted to begin with, and thus starting the machine in target disk mode gives access to your home folder to an attacker (or they can reset your login password with the OS X installer), but *not* your keychain password (which is the same by default, but not if the login password is changed via the root user or another admin).

It's still a bit of a huge security blunder though.

Do they have a build process? (5, Insightful)

msobkow (48369) | more than 2 years ago | (#39909397)

When I build a system for Linux distribution, I use scripts to configure the options on the build server. I don't use manually specified configurations from developer workstations.

Doesn't Apple grasp this concept of source code versioning and build management? Or was the debug flag in question hard-coded in the source rather than specified as a build option? If so, Apple needs to revisit its coding structure and figure out how to set BUILD TIME options instead of hard coding them.

Re:Do they have a build process? (5, Informative)

Kjella (173770) | more than 2 years ago | (#39909731)

Well, I've seen many logging frameworks where debug logging and application logging were simply different severity levels, particularly since you may want crash/debug logs from users. All it takes is one sloppy developer who needed a log output and copy-pasted an application log line instead of a debug log line, because it's only temporary and you're going to take it out, right? Both work for him. And then suddenly you end up with debug info in your production logs. I don't see why this would have to be a problem with their build process.

Re:Do they have a build process? (-1)

Anonymous Coward | more than 2 years ago | (#39909787)

No one gives a fuck about what you do. It's only Linsux.
 
Linsux takes a big nigger dick in the ass.

Re:Do they have a build process? (4, Interesting)

140Mandak262Jamuna (970587) | more than 2 years ago | (#39909903)

All your debug flags and compiler flags and build settings etc. assume the developers would properly bracket their code under proper #ifdefs.

Like:

#ifdef DEBUG_BUILD

SaveDebugInfo(logfile);

#endif

But if the developer had not bracketed their code with proper protection macros, no build setting is going to rescue you.

I have tried to make the system as automatic as possible. I have laid down rules to my team. But if you make the system very, very foolproof, only fools would be able to use it. The process requirements will swamp the developer. Most likely the error happened at several stages. Originally a function that would be called only under a debug build was making a call to save stuff to the log file without protection, because the whole damned function is supposed to be called in debug mode. Then someone cut/pasted parts of the code out to a function that is called in both debug builds and production builds. Carelessly.

There is no way you can protect yourself against careless developer. Anyone working at such sensitive parts would be a senior developer, probably a manager stepping in to fix something simple in a module that he himself wrote ages ago. He was very confident and the build guidelines might have mutated without him knowing it. #ifdef DEBUG_BUILD might have been changed to #ifdef DEBUG_OSX and #ifdef DEBUG_IOS and he never got the memo because he was not a regular developer. Such things happen.

Re:Do they have a build process? (5, Insightful)

icebraining (1313345) | more than 2 years ago | (#39910097)

There is no way you can protect yourself against careless developer.

Of course there is. It's called "code review".

Re:Do they have a build process? (1)

philipmather (864521) | more than 2 years ago | (#39910211)

That's option B, option A is called "Open Source".

Re:Do they have a build process? (1)

140Mandak262Jamuna (970587) | more than 2 years ago | (#39910361)

Exactly. Still, it is not foolproof. It would drastically reduce careless mistakes, but would not eliminate them. If one experienced, savvy developer missed it, chances are his peer is likely to miss it too. And most people doing the review look to see if it would do what it should do, and if it would trigger any regression. This mistake happened after all the heavy lifting was done, at the time of winding up. Both the dev and his peer would have let their guards down. Anyway, adding more and more layers of code review, peer review, mechanical processes, check-in triggers and warnings based on grep and awk [for example: all functions meant purely for debugging must have the string _nc_ or _nocheckin_ in their name; all bodies of such functions will be automatically #ifdef'ed out in production builds] would take it beyond the point of diminishing returns. Developers start relying on these dumb mechanistic processes and let their guards down. Eventually you have careless developers.

Moral of the story: You can't guard against careless developers.

Re:Do they have a build process? (-1)

Anonymous Coward | more than 2 years ago | (#39910001)

Herpa derp. Nobody cares about the mundane systems you build.

Re:Do they have a build process? (0)

Anonymous Coward | more than 2 years ago | (#39910009)

When I build software I always make sure any logging never logs sensitive data like passwords. That data is very rarely needed, and if it ever is needed, that code never touches the main source base.

I do that specifically to prevent issues like what happened here. It's too easy for even a seasoned developer to leave something like this open; better to not even have the possibility.

Re:Do they have a build process? (1)

gweihir (88907) | more than 2 years ago | (#39910043)

I agree. The bug itself is a problem, but the real problem is that this was apparently easy to get wrong. And there, Apple has shown itself to be at a low amateur level. Getting something as serious as this wrong must be hard enough that it only happens by intention, that intention needs to be expressed clearly, and subsequent warnings must be in place.

So, yes, they have some sort of build process, but not one designed or implemented by people who know what they are doing. Alternatively, the people designing the debug option have no clue how to do this right. Confidential data in logs is a very old and very well understood problem. Only people truly ignorant of how software security fails will get this wrong. That said, plenty of people are making serious and decades-old security mistakes in new software. Getting software right is very, very hard and a lot of people writing software do not get it. They are cheap though, and easily replaceable with somebody just as incompetent.

lucky for me... (0)

HeavyDDuty (2506392) | more than 2 years ago | (#39909421)

Lucky for me I read the fine article and since all my systems had a full Lion install (non-upgrade) it's not an issue. Also lucky for me I didn't use folder encryption in Snow Leopard. Also lucky for me I don't use FileVault.

Re:lucky for me... (2)

michelcolman (1208008) | more than 2 years ago | (#39909475)

Actually, Lion's FileVault is not a problem. Only if you were using the old FileVault from previous OSes (which only encrypted the home folder), upgraded to Lion, but did not switch to the new full disk encryption FileVault for some strange reason.

Re:lucky for me... (5, Interesting)

Sancho (17056) | more than 2 years ago | (#39909777)

Some "strange" reason?

How about you've got multiple users on the machine? With Filevault2, any user can unlock the whole disk. As much as I like macs, it's a complete joke. With Filevault1, you had homedir encryption on a per-user basis. My files were secure from other users of the machine.

bloody hell (0)

roman_mir (125474) | more than 2 years ago | (#39909429)

Why in our time would somebody, anybody, need passwords to be stored for log purposes at all? You need to check if the user is typing the right password? Compare the encrypted versions and store a state saying: correct / wrong password was used. What else do you need?

This is just stupidity, there is no other word for it.

Re:bloody hell (1)

cbreak (1575875) | more than 2 years ago | (#39909489)

For a Debugging Log. As the article said.

Re:bloody hell (1)

eldorel (828471) | more than 2 years ago | (#39909627)

You missed the gp's point. At what point do you need to see the passwords in a debugging log?

Re:bloody hell (0)

Anonymous Coward | more than 2 years ago | (#39909687)

Perhaps to check the log file's contents using unit tests...

Re:bloody hell (1)

icebraining (1313345) | more than 2 years ago | (#39910105)

If the test is checking log files, it's 1) not a unit test and 2) broken.

Re:bloody hell (4, Interesting)

iluvcapra (782887) | more than 2 years ago | (#39909797)

Looking at the actual message, it looks like the dev in question just took an "attributes" NSDictionary argument and stuck it into his NSLog() call whole hog, as in:

//print arguments
NSLog(@"about to call _premountHomDir with %@", attributes);

"%@" in an OSX printf-style format string will call -(NSString *)description on whatever object is in the vararg position for that %-code, and put that string in the output. The "description" selector on a dictionary spits out the keys and values of the dictionary in a human-readable format. The "attributes" object in this case contains a lot of information that would be interesting to a human debugger, the password being an exception.

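An added example, in Python rather than Objective-C because the pitfall is the same in any logging API that lets you format a whole dictionary with one placeholder (this is my code, not Apple's and not anything a poster wrote): a logging filter that replaces credential-looking keys before the record is rendered. It serves both the "never log sensitive data like passwords" rule from the build-process subthread and the %@ dictionary dump described in the post above. The attributes dictionary, its key names, the logger name and the key regex are constructed stand-ins, not taken from OS X.

```python
import logging
import re
from collections.abc import Mapping

# Any key matching this is treated as a secret. Constructed list; extend for your code base.
SENSITIVE_KEY = re.compile(r"pass(word|wd|phrase)?|secret|token|credential", re.I)
REDACTED = "<redacted>"

# Constructed stand-in for the 'attributes' dictionary that got dumped whole.
# Keys and values are invented; only the shape (a mapping with the password inside) matters.
SAMPLE_ATTRIBUTES = {
    "user": "alice",
    "home": "/Users/alice",
    "password": "hunter2",
    "mount": {"type": "sparseimage", "vaultPassphrase": "s3cret"},
}


def redact(value, key: str = ""):
    """Return a copy of value with secret leaves replaced by REDACTED.
    Recurses through mappings and lists, so nested option dicts are covered too."""
    if key and SENSITIVE_KEY.search(key):
        return REDACTED
    if isinstance(value, Mapping):
        return {k: redact(v, str(k)) for k, v in value.items()}
    if isinstance(value, (list, tuple)):
        return type(value)(redact(v) for v in value)
    return value


class RedactingFilter(logging.Filter):
    """Runs before the record is formatted, so a lazy '%s' of a whole dict cannot
    put credentials on disk no matter which severity the line was logged at."""

    def filter(self, record: logging.LogRecord) -> bool:
        if isinstance(record.args, Mapping):      # logger.debug("... %s", one_dict)
            record.args = redact(record.args)
        elif isinstance(record.args, tuple):      # logger.debug("... %s %s", a, b)
            record.args = tuple(redact(a) for a in record.args)
        return True


def render_log_line(attributes, redacting: bool = True) -> str:
    """Log the same careless 'about to call X with %s' line with or without the
    filter and return the text that would have been written to the log file."""
    logger = logging.getLogger("premount-demo")   # constructed logger name
    logger.handlers.clear()
    logger.filters.clear()
    logger.propagate = False
    logger.setLevel(logging.DEBUG)
    lines = []

    class Capture(logging.Handler):
        def emit(self, rec):
            lines.append(self.format(rec))

    handler = Capture()
    handler.setFormatter(logging.Formatter("%(levelname)s %(name)s: %(message)s"))
    logger.addHandler(handler)
    if redacting:
        logger.addFilter(RedactingFilter())
    logger.debug("about to mount home directory with %s", attributes)
    return lines[0]


if __name__ == "__main__":
    print(render_log_line(SAMPLE_ATTRIBUTES, redacting=False))  # password visible
    print(render_log_line(SAMPLE_ATTRIBUTES))                   # password <redacted>
```

The filter is deliberately attached to the logger, not to one handler, so every sink (file, console, syslog) sees the redacted arguments. It is a safety net for the copy-paste mistake described above, not a substitute for keeping the password out of the object that gets passed around in the first place.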
Re:bloody hell (1)

michelcolman (1208008) | more than 2 years ago | (#39909821)

If you want to get hold of a colleague's password?

Re:bloody hell (1)

Anonymous Coward | more than 2 years ago | (#39909785)

Why in our time somebody, anybody would need passwords to be stored for log purposes at all? You need to check if the user is typing it the right passwords? Compare the encrypted versions and store a state saying: correct / wrong password was used, what else do you need?

Ask the rogue Google engineer who did this.

Re:bloody hell (1)

gweihir (88907) | more than 2 years ago | (#39910049)

Indeed. Secret info in log-files is also a decades old problem. Any competent software developer knows about this and any bright person will figure it out by themselves. Guess the developer(s) in question are neither bright nor experienced. ElCheapo software development at its best.

Do you want to find the passwords of other users? (4, Funny)

140Mandak262Jamuna (970587) | more than 2 years ago | (#39909435)

...There is app for that.

As an InfoSec pro... (2)

Zapotek (1032314) | more than 2 years ago | (#39909443)

...I've got to say that if a fellow pen-tester managed to find a really deep, complex and convoluted vulnerability in my code then that's fair game and kudos to him.
This though...bitten by a debugging flag, the dev must be hitting the sauce right about now.

Now, putting my coder hat back on, why was a debugging flag left enabled while building for production?
That's just lazy/bad setup, everyone knows that you keep your environments separate.

Re:As an InfoSec pro... (1)

gweihir (88907) | more than 2 years ago | (#39910061)

The real problem is that the debug flag could mess things up this badly, apparently without it being readily obvious. Logging passwords is something you should never be able to enable this easily. If really needed, you hard-code debug instructions for secret info so that it is immediately obvious and includes drastic warnings. Like a screen output you cannot suppress, or something like it. Then you remove it after you've fixed the problem. Secret information has absolutely no business at all appearing in ordinary debug output.

I wonder what the comment said... (2)

bhlowe (1803290) | more than 2 years ago | (#39909461)

I wonder what the source code or version control comments said..

Re:I wonder what the comment said... (2)

HeavyDDuty (2506392) | more than 2 years ago | (#39909533)

// TODO: remove trace statements before commit

Re:I wonder what the comment said... (5, Funny)

Mr. Underbridge (666784) | more than 2 years ago | (#39909663)

//REMEMBER TO COMMENT THIS SHIT OUT SO I DONT GET FIRED

Filter error: Don't use so many caps. It's like YELLING....

How do you fuck up security in BSD? (-1)

Anonymous Coward | more than 2 years ago | (#39909483)

nt

Bad news - but for a very small subset of users (1)

93 Escort Wagon (326346) | more than 2 years ago | (#39909527)

Anyone who used FileVault encryption on their Mac prior to Lion, upgraded to Lion, but kept the folders encrypted using the legacy version of FileVault is vulnerable. FileVault 2 (whole disk encryption) is unaffected.

I can see how those circumstances could occur in the real world; however the first version of FileVault was a pain, and I don't know of many people that kept using it for very long.

I stopped using FileVault v1 after a few days. What sensitive stuff I have is now in encrypted sparsebundles, with the rest of my stuff unencrypted. Time Machine backups are stored on a LUKS-encrypted disk.

FWIW I've stuck with Snow Leopard - not a real fan of Lion. That was another thing I stopped using after a few days, although I did like the whole-disk encryption option.

Re:Bad news - but for a very small subset of users (2)

jo_ham (604554) | more than 2 years ago | (#39909907)

I wasn't a fan of Lion either after only a few days. It still has some things that have changed over SL that I really wish were back (Save As..., the old version of Preview, etc) but I did grow to like it much more when I got a Magic Trackpad instead of using a mouse. I think a lot of my issues stemmed from accessing it with a mouse. It's been designed (for better or worse) with trackpad users in mind.

Still, I can't really say it's been a step forward for OS X over 10.6 - it's a bit of a wash from a personal standpoint.

The specific configurations (1)

Woogiemonger (628172) | more than 2 years ago | (#39909537)

From TFA, the specific configurations that allow this to happen: "Anyone who used FileVault encryption on their Mac prior to Lion, upgraded to Lion, but kept the folders encrypted using the legacy version of FileVault is vulnerable. FileVault 2 (whole disk encryption) is unaffected."

Not really (4, Informative)

mr100percent (57156) | more than 2 years ago | (#39909541)

FTA:

Anyone who used FileVault encryption on their Mac prior to Lion, upgraded to Lion, but kept the folders encrypted using the legacy version of FileVault is vulnerable. FileVault 2 (whole disk encryption) is unaffected.

So only certain configurations, and relatively few at that.

Re:Not really (-1, Offtopic)

NeverSuchBefore (2613927) | more than 2 years ago | (#39909573)

Why have you not returned to Gamemakerdom, my friend?

Are you depressed? Are you lonely? Are you contemplating suicide? For you, the answer to all of those is a resounding "yes." That's why you need to switch to Gamemaker. Gamemaker takes programming to the next level, and will bring joy back to your life.

Switch to Gamemaker! Return to Gamemakerdooooooooooom!

Re:Not really (-1)

Anonymous Coward | more than 2 years ago | (#39909683)

So you like sucking faggot dicks?

Relatively few? (4, Interesting)

WD (96061) | more than 2 years ago | (#39910225)

What qualifies that statement? Any FileVault user that upgraded to Lion would be affected, which I would think would be more than a few. FileVault is not upgraded to FileVault 2 automatically. The user would need to manually disable FileVault and then re-enable it to get the whole disk encryption feature.

Apple and its security... tsk. (-1)

Anonymous Coward | more than 2 years ago | (#39909581)

This is why I don't use Apple and their products and don't see a reason to ever do so...

We have QA processes which automatically detect (5, Insightful)

gcnaddict (841664) | more than 2 years ago | (#39909623)

things such as debug logs during testing.

Does Apple have no such thing? This leads me to think that Apple either has no development lifecycle or, in case they have one, only half-heartedly obeys it.

Re:We have QA processes which automatically detect (0)

Anonymous Coward | more than 2 years ago | (#39909673)

I'm thinking they just apply the "logging" functionality to all updates (in case it bricks your Apple device); they should just remember to cut or disable the sensitive information... just to show ya that Apple is just as vulnerable as any other company, big or small. - jb

Re:We have QA processes which automatically detect (4, Insightful)

Anonymous Coward | more than 2 years ago | (#39909773)

I've been working here and there in Software Verification for a (double-digit) number of years, on a number of products. I've seen programmers do some things in development that they forget to clean out before release that would curl your hair. Especially from the ones fresh out of school, who don't have a lot of experience. "Oh, I'll put in these debug lines just for now." No wrappers or conditional compilation of any kind, so they leak out into the final product with no one the wiser.

Another commenter pointed out that a proper assurance test would look for rogue files. That works for unauthorized/unspecified log files, such as in this case, if the organization has good specifications and tight testing. I'm not in a position to comment about Apple's coverage in this area. The problem is that other debug statements could make unauthorized entries into authorized logs, and who would catch it?

What I saw was most effective was peer code review, especially if you had the coder equivalent of the BOFH in the audience to catch crap like this. There's nothing like people seeing "release" code with debug stuff not stubbed out.
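As an added example of the "rogue entries in authorized logs" check this post asks about (my code, not Apple's QA tooling and not something any poster wrote): do the QA login with a known canary password, then sweep every log file the run produced for that canary, both as typed and in the encodings a log line is likely to carry it in. The log lines, process names and file names below are constructed, not copied from any real system log.

```python
import base64
import tempfile
from pathlib import Path

# Canary credential used ONLY for the test login; its sole job is to be recognisable.
CANARY = "Canary-P4ssw0rd-7f3a"

# Constructed log lines imitating what a chatty home-directory mount might write.
# The process names and the line format are invented for the example.
SAMPLE_SECURE_LOG = "\n".join([
    "May  5 10:12:01 mac authorizationhost[210]: about to mount home for user qa-canary",
    "May  5 10:12:01 mac authorizationhost[210]: attributes = {user = qa-canary; password = "
    + CANARY + ";}",
    "May  5 10:12:02 mac loginwindow[88]: login succeeded for qa-canary",
    "May  5 10:13:45 mac SomeAgent[301]: session token="
    + base64.b64encode(CANARY.encode()).decode(),
]) + "\n"
SAMPLE_SYSTEM_LOG = "May  5 10:12:03 mac kernel[0]: nothing to see here\n"


def encodings(secret: str) -> dict:
    """The forms a leaked secret commonly takes in a log: as typed, base64, hex."""
    raw = secret.encode()
    return {
        "verbatim": secret,
        "base64": base64.b64encode(raw).decode(),
        "hex": raw.hex(),
    }


def scan_lines(lines, secrets) -> list:
    """Return (line_number, encoding) for every line carrying any secret in any form."""
    needles = {s: encodings(s) for s in secrets}
    hits = []
    for lineno, line in enumerate(lines, start=1):
        for secret in secrets:
            for form, needle in needles[secret].items():
                if needle in line:
                    hits.append((lineno, form))
    return hits


def scan_tree(root, secrets, suffixes=(".log",)) -> dict:
    """Walk a directory of logs; map each offending file (relative path) to its hits."""
    root = Path(root)
    findings = {}
    for path in sorted(root.rglob("*")):
        if path.is_file() and path.suffix in suffixes:
            hits = scan_lines(path.read_text(errors="replace").splitlines(), secrets)
            if hits:
                findings[str(path.relative_to(root))] = hits
    return findings


def run_demo() -> dict:
    """Write the constructed logs to a scratch directory and scan them, the way a QA
    job would scan the real log directories right after the canary login."""
    with tempfile.TemporaryDirectory() as scratch:
        (Path(scratch) / "secure.log").write_text(SAMPLE_SECURE_LOG)
        (Path(scratch) / "system.log").write_text(SAMPLE_SYSTEM_LOG)
        return scan_tree(scratch, [CANARY])


if __name__ == "__main__":
    for name, hits in run_demo().items():
        print(name, hits)   # secure.log [(2, 'verbatim'), (4, 'base64')]
```

Run against the real log directories (and the spool and crash-report directories, since "unauthorized log file" is exactly the case here) this catches both a rogue file and a rogue line in a legitimate log, but only for the canary you planted: it says nothing about secrets you did not think to log in with, which is the limit the later "could such a leak be avoided with an automatic test?" reply points at.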

Re:We have QA processes which automatically detect (0)

Anonymous Coward | more than 2 years ago | (#39910177)

Sounds like they need the BOverseerFH.

Re:We have QA processes which automatically detect (0)

Anonymous Coward | more than 2 years ago | (#39910015)

Yeah, a hugely successful software company like Apple is absolutely clueless. Score one for gcnaddict, the guy who doesn't do anything that anybody cares about.

this (-1)

Anonymous Coward | more than 2 years ago | (#39909729)

Governments cheer at Apple. I don't believe in a lot of conspiracies, but a mistake this giant isn't an accident... (it's not a single button)

Lone Programmer Accidentally Forgot... (0)

Anonymous Coward | more than 2 years ago | (#39909735)

Man, am I glad to read that! I was beginning to doubt Apple's security credibility for a moment there. Luckily we now know that it's this one programmer's fault and not Apple's.

At least it's not an iPhone, so there's less risk this man will commit suicide.

Bug Confirmed (0)

Anonymous Coward | more than 2 years ago | (#39909757)

I've confirmed that this bug is occurring on one of my systems. It's an easy file to find. It's also a bit disconcerting to see my password right there in front of me in plain view. This bug may only affect a small number of systems, but that doesn't matter much if it affects your system.

But Apple are perfect, so of course... (2)

phonewebcam (446772) | more than 2 years ago | (#39909767)

...you're passwording it wrong.

Let me criticize them! (0)

Anonymous Coward | more than 2 years ago | (#39909771)

Since I've never shipped a piece of commercial code with a bug in it, I feel justified in criticizing Apple for what is clearly sloppy quality control.

(Never mind that I've never shipped any commercial code...)

wow (0)

Anonymous Coward | more than 2 years ago | (#39909779)

could such a leak not be avoided reliably with an automatic test?

cb

Re:wow (1)

Alex Belits (437) | more than 2 years ago | (#39909865)

No. *Now* it can be avoided. Tests are for known (and therefore fixed) security problems, so they are only good for checking if the same bug is back. Which happens in software development disturbingly often.

Re:wow (0)

Anonymous Coward | more than 2 years ago | (#39910017)

If I cross a road I look before I go. I have never been run over by a car before. So I learned to test for something that never happened to me.

You are talking about one class of tests, there are others.

cb
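The exchange above (and the earlier comment suggesting an assurance test that looks for rogue log files) turns on whether a test can catch a leak nobody has seen yet. One class of test that does not depend on knowing the bug in advance is a credential canary: log in with a unique, high-entropy throwaway password and then search every log the system produced for that value in the encodings it commonly leaks in. The following is an added example of that check, not Apple's test suite and not a real OS X log format; the log paths, lines, process names and canary value are constructed for this illustration.

```python
import base64
import secrets
import urllib.parse


def new_canary() -> str:
    """A unique, high-entropy password used only for the assurance login."""
    return "canary-" + secrets.token_urlsafe(12)


# Fixed value so the sample data below is reproducible; a real run uses new_canary().
CANARY_PASSWORD = "canary-example-9f3c1b2a"

# Constructed sample logs: what a collection step might gather after the canary login.
SAMPLE_LOGS = {
    "/var/log/system.log": [
        "May  6 01:02:03 host loginwindow[123]: login window started",
        "May  6 01:02:05 host authd[130]: debug: looking up home directory for user=tester",
    ],
    "/var/log/debug.log": [
        "May  6 01:02:05 host authd[130]: debug: user=tester pass=" + CANARY_PASSWORD,
    ],
    "/var/log/install.log": [
        "May  6 00:59:00 host installd[99]: update applied",
        "May  6 01:03:00 host sync[200]: credential blob "
        + base64.b64encode(CANARY_PASSWORD.encode()).decode(),
    ],
}


def secret_forms(secret: str) -> list[tuple[str, str]]:
    """Encodings in which a leaked secret commonly shows up, deduplicated
    (for a secret with no special characters the URL-encoded form equals the plain one)."""
    raw = secret.encode()
    candidates = [
        ("plain", secret),
        ("base64", base64.b64encode(raw).decode()),
        ("hex", raw.hex()),
        ("urlencoded", urllib.parse.quote(secret, safe="")),
    ]
    forms, seen = [], set()
    for name, form in candidates:
        if form not in seen:
            seen.add(form)
            forms.append((name, form))
    return forms


def find_leaks(logs: dict[str, list[str]], secret: str) -> list[tuple[str, int, str]]:
    """Return (path, line number, encoding) for every log line containing the secret."""
    hits = []
    forms = secret_forms(secret)
    for path, lines in logs.items():
        for lineno, line in enumerate(lines, 1):
            for name, form in forms:
                if form in line:
                    hits.append((path, lineno, name))
    return hits


def logs_are_clean(logs: dict[str, list[str]], secret: str) -> bool:
    """The assertion an automated assurance run would make after the canary login."""
    return not find_leaks(logs, secret)


def scan_files(paths: list[str], secret: str) -> list[tuple[str, int, str]]:
    """Same check over real files; unreadable paths are skipped, not treated as clean."""
    logs = {}
    for path in paths:
        try:
            with open(path, "r", errors="replace") as fh:
                logs[path] = fh.read().splitlines()
        except OSError:
            continue
    return find_leaks(logs, secret)


if __name__ == "__main__":
    for path, lineno, enc in find_leaks(SAMPLE_LOGS, CANARY_PASSWORD):
        print(f"LEAK {path}:{lineno} ({enc})")
```

Two caveats a practitioner should keep in mind. The search is substring-based, so it only finds the secret itself or a reversible encoding of it; a properly hashed password does not match and does not need to. And the value of the test comes from where it looks, not from the matcher: run it on a freshly updated machine and feed it every writable location the update could have touched, not only the directory where logs are supposed to live, because the comment's point about rogue files is exactly that the leak may land somewhere unspecified.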

Re:wow (1)

Alex Belits (437) | more than 2 years ago | (#39910425)

All classes of tests are extremely limited in their usefulness. Some are just peddled better.

And the log file in question is ... (2)

knapkin (665863) | more than 2 years ago | (#39909877)

What? Something seriously missing from the summary!

Typical Apple (5, Funny)

toadlife (301863) | more than 2 years ago | (#39909885)

Copying features from Microsoft [microsoft.com] products again.

Re:Typical Apple (1)

MicroSlut (2478760) | more than 2 years ago | (#39910087)

Good job. You found an eleven year old Microsoft non-OS software vulnerability that stores passwords in plain text when the service pack for the software is installed in a non-recommended mode.

Those idiots at Microsoft (0)

Anonymous Coward | more than 2 years ago | (#39909925)

If they weren't such stupid programmers and had paid any attention to security, this wouldn't have happened.

Don't blame the one guy still working on OS X.! (4, Funny)

Y-Crate (540566) | more than 2 years ago | (#39910109)

All of his friends went over to work on iOS and he's been left to pick up the slack. ;)

What a pain! (2)

techdolphin (1263510) | more than 2 years ago | (#39910159)

Now I will have to change my password from "password" to "12345678."

--
A woman once said to Adlai Stevenson, "Every thinking person in America will vote for you," to which Stevenson replied, "That won't be enough, ma'am, I need a majority."

How soon until a fix? (1)

mark-t (151149) | more than 2 years ago | (#39910173)

Because this is problematic if one's login password on a mac happens to be their login password for everything else inside of one company.

Odds are that firewalls will protect outsiders from being able to snoop, but what's to stop somebody on the inside from doing a little covert snooping to discover the administrator's password, and using that to his own advantage in some way?

I would rather hope that Apple addresses this issue before the work day commences tomorrow, because now that this vulnerability is publicly known, it's a shoo-in that it is going to be exploited.

Nonsense! (-1, Flamebait)

davydagger (2566757) | more than 2 years ago | (#39910323)

Everyone knows Apple is perfectly secure and doesn't get viruses. amidoingitrite macfags?

Re:Nonsense! (0)

Anonymous Coward | more than 2 years ago | (#39910385)

doesn't get viruses

Correction: doesn't get PC viruses.
