Same font they're using in iOS 11 Notes. God that's an eyesore. Makes my brain hurt.
|
|
# ? Nov 28, 2017 18:52 |
|
Lame. It looks cartoonish and isn't used anywhere else.
|
# ? Nov 28, 2017 20:59 |
https://twitter.com/lemiorhan/status/935578694541770752
|
|
# ? Nov 28, 2017 21:15 |
|
Confirmed that bug on all my machines. Holy loving poo poo etc. Can't login to a locked/rebooted Mac as far as I can tell, but.... holy poo poo.
|
# ? Nov 28, 2017 21:40 |
|
Well, this'll be front page news soon.
|
# ? Nov 28, 2017 22:35 |
|
ESCALATION PRIVILEGES WITH PHYSICAL ACCESS SAY IT ISN'T SO
|
# ? Nov 28, 2017 22:36 |
|
Yeah it’s a bad bug for sure, but so far from what I’ve seen the mitigation should be FileVault plus lock or sleep your computer when you aren’t in front of it, and you should be doing that stuff anyways.
|
# ? Nov 28, 2017 22:39 |
|
How is this reproduced? I tried it on my machines (by changing the login window setting to username/password instead of list of users) but I can't log in as root. But the login window has no "login button" like the tweet says to click, so maybe I'm trying this in the wrong place?

Edit: Ah, the authentication dialog, not the login window.
# ? Nov 28, 2017 22:42 |
|
Nothing you couldn't do before with physical access (reboot into single user mode, etc.). But yeah, not a good look.

Best way to "mitigate" it currently is to trigger the bug (thereby creating the root account), then "sudo passwd" to change the root password from blank to... not-blank.

Choadmaster posted: How is this reproduced?

You have to trigger the creation of the root account first, by being logged in and having an admin password prompt come up, and then entering "root" with no password and submitting it twice. Then you can log out/reboot and log in as root with no password, but you can't trigger the bug from the login screen.
|
# ? Nov 28, 2017 22:43 |
|
Choadmaster posted: How is this reproduced? I tried it on my machines (by changing the login window setting to username/password instead of list of users) but I can't log in as root. But the login window has no "login button" like the tweet says to click, so maybe I'm trying this in the wrong place?

Go to Sys Prefs and unlock a pane. Type in 'root' and blank, and just hammer return a few times.

P.S. This now enables the root user with a blank password, so hopefully you're on a safe network while you undo that.
|
# ? Nov 28, 2017 22:45 |
|
^^ dammit pivo

Choadmaster posted: How is this reproduced? I tried it on my machines (by changing the login window setting to username/password instead of list of users) but I can't log in as root. But the login window has no "login button" like the tweet says to click, so maybe I'm trying this in the wrong place?

Go to System Preferences and try to change something so that it brings up the user/pass box.
|
# ? Nov 28, 2017 22:46 |
|
I see, this is the authentication dialog, not the login window.

Edit: Pivo posted: P.S. This now enables the root user with a blank password, so hopefully you're on a safe network while you undo that.

Good to know; fixed. This is hilariously bad.
# ? Nov 28, 2017 22:47 |
|
pzy posted: Nothing you couldn't do before with physical access (reboot into single user mode, etc)

Not with FileVault. Even on encrypted machines left unattended (and come on, people leave machines unlocked all the time), someone can just quickly create a root/blank account and they'd be none the wiser. Also, think of disgruntled employees on locked-down machines.
|
# ? Nov 28, 2017 22:47 |
|
Is this a bug? I manage a large environment of Macs but do rely on the Apple provided images for OS upgrades and I am not able to reproduce this on any of my machines, including one that I just upgraded to High Sierra yesterday.
|
# ? Nov 28, 2017 22:48 |
|
Choadmaster posted: I see, this is the authentication dialog, not the login window.

It propagates to the login window though. Once you've created a root user with a blank password in System Preferences, you can use it to log in.
|
# ? Nov 28, 2017 22:50 |
|
Look, we all know physical access is pwned anyway, but this is thoroughly pwned in 10 seconds flat by someone walking by to a machine logged in to an unprivileged account. If you don't think this is bad, you are the worst kind of Apple fanboy. They dun' goofed so hard.

edit: you can just turn off FileVault and steal the whole machine later
# ? Nov 28, 2017 22:53 |
|
They're preparing users for FaceID on the Mac
|
# ? Nov 28, 2017 22:56 |
|
FaceID macOS refuses to give you root if you don’t have Cheetos in your beard and a Linux pun on your T-shirt.
|
# ? Nov 28, 2017 23:33 |
|
EL BROMANCE posted: FaceID macOS refuses to give you root if you don't have Cheetos in your beard and a Linux pun on your T-shirt.

Yeah, and you have to live in your mom's basement too.
|
# ? Nov 28, 2017 23:35 |
|
There better be a fix in 10.13.2!
|
# ? Nov 29, 2017 00:11 |
|
I have the flu and woke up to this tearing up my Twitts. Here's what I posted in the Grey InfoSEC thread. (note: "if you have screen sharing on, it will work." is referring to the idiocy that you can remote in using the root account)

Proteus Jones posted: Yeah, if you have screen sharing on, it will work.

Proteus Jones posted: Apple just released this:
# ? Nov 29, 2017 01:11 |
|
Some of those are untrue like "It will work on the logon screen if you have it set to force entering a User ID."
|
# ? Nov 29, 2017 01:53 |
|
pzy posted: Some of those are untrue like "It will work on the logon screen if you have it set to force entering a User ID."

Yeah, in the context of the conversation (i.e. getting into the Mac using the root user) it was more "you can log in as root", not that it will enable root using the technique from the tweet. I wasn't clear on that, sorry. Also, the user list is a bad way to see, since root is there but disabled. That was my bad, there.

Just use the KB to set the password and disable root. That way if it gets enabled due to a related or new bug, you at least have a password and aren't opening up your root with a NULL password.
# ? Nov 29, 2017 01:55 |
Why should I disable my root user completely? For some reason I created one ages ago so the bug didn't work.
|
|
# ? Nov 29, 2017 02:04 |
|
tuyop posted: Why should I disable my root user completely? For some reason I created one ages ago so the bug didn't work.

What do you possibly need it for? Any admin-level tasks should be done with 'sudo' in the CLI (which is what the GUI is really doing when it needs your password to install or change things).
|
# ? Nov 29, 2017 02:06 |
|
Proteus Jones posted: Yeah, in the context of the conversation (i.e. getting in to the Mac using root user) it was more "you can login as root" not that it will enable root using the technique from the tweet. I wasn't clear on that, sorry.

I actually tested that: setting the password for root, then disabling it again. The exploit still worked, so leave it enabled with the password set.
|
# ? Nov 29, 2017 03:00 |
|
Luceo posted: I actually tested that: setting the password for root, then disabling it again. The exploit still worked, so leave it enabled with the password set.

Yes, the immediate fix is to leave the root user ENABLED, but give it a password. If you disable root (even if you gave it a password), then you can re-enable and reset its password to nothing. I just reproduced that exactly like you said. For now, leave root enabled but give it a password. That's it.

e: Once a fix is in the pipe, you can safely disable root again, I think?
|
# ? Nov 29, 2017 03:12 |
|
loving hell. This is even worse than I initially thought.

EDIT: Jesus Christ. I just re-enabled it going through the Directory Utility and it prompts me to set a password when I enable. That tells me when you disable root, it clears the password back to NULL. WHAT THE loving poo poo, APPLE.
# ? Nov 29, 2017 03:16 |
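Editor's added example, not posted by anyone in this thread: a small shell check for the state the posts above settle on for an unpatched High Sierra box, i.e. root ENABLED and carrying a real password hash rather than a blank one. It reads the root record's AuthenticationAuthority with `dscl` (a real macOS tool). The interpretation of that attribute is an assumption on my part: that `;DisabledUser;` marks a disabled root and that a `;ShadowHash;` entry means a password hash is stored, so its absence means no password. The parsing lives in its own function so it can be exercised with canned output on a non-Mac host.

```shell
#!/bin/sh
# Added example (not from the thread). Classify the root account's
# AuthenticationAuthority text as reported by:
#   dscl . -read /Users/root AuthenticationAuthority
# ASSUMPTION (not confirmed by the thread): ";DisabledUser;" is present when
# root is disabled, and ";ShadowHash;" is present only when a password hash
# is stored. "No such key" or empty output is treated as "no password set".
#
# Prints exactly one word: disabled | no-hash | ok
classify_root_auth() {
    auth="$1"
    case "$auth" in
        *";DisabledUser;"*)
            # Disabled root: per the thread, disabling clears the password,
            # so re-enabling would hand out a root with a NULL password.
            echo disabled
            return 0
            ;;
    esac
    case "$auth" in
        *";ShadowHash;"*)
            # Enabled and a hash is stored: the interim mitigation state.
            echo ok
            return 0
            ;;
    esac
    # Enabled (or never configured) but no hash: blank password.
    echo no-hash
    return 0
}

# Live check for the machine this runs on. Returns 2 when dscl is absent
# (not macOS), otherwise prints the classification.
check_root_on_this_mac() {
    if ! command -v dscl >/dev/null 2>&1; then
        echo "dscl not found; this is not macOS" >&2
        return 2
    fi
    # dscl exits non-zero when the key is missing; treat that as empty.
    auth=$(dscl . -read /Users/root AuthenticationAuthority 2>/dev/null || true)
    classify_root_auth "$auth"
}

# Remediation hint (what the thread recommends; not executed here):
#   sudo passwd root          # set a non-blank password while root stays enabled
#   sudo dsenableroot         # Apple's CLI to enable root and set its password
# Run the live check only when explicitly asked, so the file is safe to source:
if [ -n "${CHECK_ROOT_LIVE:-}" ]; then
    check_root_on_this_mac
fi
```

Run it on the Mac as an admin user with `CHECK_ROOT_LIVE=1 sh check-root.sh`; anything other than `ok` means root is in one of the two states the thread found exploitable on an unpatched system. Once Apple's fix is installed the "leave root enabled" part of the workaround no longer applies, so re-run the check after patching rather than treating `disabled` as a permanent failure.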
|
Came to this thread to make sure you guys know, glad everyone is on top of things. This and the keychain exploit (which, by the way, having a place where all your passwords are stored, I would hope they would test that to the ground), god drat it apple. What bothers me about this is you can get root access from a simple AppleScript requesting it, which means unsigned apps can silently obtain/change a lot of things on your computer.
# ? Nov 29, 2017 03:16 |
|
This was posted on their developer forum over two weeks ago: https://forums.developer.apple.com/thread/79235

quote: chethan177
# ? Nov 29, 2017 07:22 |
|
quote:(hurray, you're the admin now)
|
# ? Nov 29, 2017 07:31 |
|
macOS and Mac Software: hurray, you're the admin now

Please.
|
# ? Nov 29, 2017 11:20 |
|
You're the admin now, dog!
|
# ? Nov 29, 2017 12:47 |
|
Some people are mad

quote: Given the nature of the workaround one has to ask why you posted Solution #2 instead of reporting this issue to Apple's bug bounty program.
|
# ? Nov 29, 2017 13:00 |
|
I don't understand that mentality at all. It's not this random dude's job to make sure Apple don't make such a gently caress up. He can tell who he likes.
|
# ? Nov 29, 2017 13:05 |
|
I thought Apple didn’t have a macOS bug bounty program?
|
# ? Nov 29, 2017 13:11 |
|
Choadmaster posted: macOS and Mac Software: hurray, you're the admin now

TBH most single-user machines are already admin on the main account; this is root.
|
# ? Nov 29, 2017 13:35 |
|
Quantum of Phallus posted: I don't understand that mentality at all. It's not this random dude's job to make sure Apple don't make such a gently caress up. He can tell who he likes.

I think most of the dust has settled, but a decade ago, in the security community, Responsible Disclosure vs. Full Disclosure was a real and contentious issue with full-on Internet slap fights.

skull mask mcgee posted: I thought Apple didn't have a macOS bug bounty program?

I think they kind of do, but it's invite only. And I think you have to have a developer account, which is $99/yr.
|
# ? Nov 29, 2017 15:51 |
|
Is it me or is Bluetooth hosed up in High Sierra? My AirPods constantly connect and reconnect and then magically connect for a while and then disconnect. I get that BLUMM noise all the time while I'm watching videos and stuff. I tried unpairing, still happens, the firmware is updated, and I reset the Bluetooth controller on the iMac 5K where this is happening. This doesn't happen on my iPhone or iPad.
|
# ? Nov 29, 2017 16:11 |
|
Anecdotally, my BT is fine on both daily drivers where I wear BT headphones all the time during use. Not AirPods, mind you.
|
# ? Nov 29, 2017 16:20 |