PC Companies Are Getting Sloppy With Security


Nothing is perfectly secure, and we’ll never eliminate every vulnerability out there. But we shouldn’t be seeing as many sloppy mistakes as we’ve seen from HP, Apple, Intel, and Microsoft in 2017.

Please, PC manufacturers: Spend time on the boring work to make our PCs secure. We need security more than we need shiny new features.

Apple Left a Gaping Hole in macOS, and Did a Bad Job Patching It

If this were any other year, people would be holding Apple’s Macs up as an alternative to the PC chaos. But this is 2017, and Apple has had the most amateurish, sloppy mistake of all—so let’s start there.

Apple’s latest version of macOS, known as “High Sierra”, had a gaping security hole that allowed attackers to quickly sign in as root and get full access to your PC—just by trying to sign in a few times without a password. This could happen remotely via Screen Sharing, and it could even bypass the FileVault encryption used to secure your files.

Worse yet, the patches Apple rushed out to fix this didn’t necessarily fix the problem. If you installed another update afterwards (from before the security hole was found), it would re-open the hole—Apple’s patch didn’t get included in any other OS updates. So not only was it a bad mistake in High Sierra in the first place, but Apple’s response—while fairly quick—was a mess.

This is an unbelievably bad mistake from Apple. If Microsoft had such a problem in Windows, Apple executives would be taking pot shots at Windows in presentations for years to come.

Apple has been coasting on the Mac’s security reputation for far too long, even though Macs are still less secure than Windows PCs in some fundamental ways. For example, Macs still don’t have UEFI Secure Boot to prevent attackers from tampering with the boot process, as Windows PCs have had since Windows 8. Security by obscurity isn’t going to fly for Apple anymore, and they need to step it up.

HP’s Pre-Installed Software Is an Absolute Mess

HP has not had a good year. Their worst problem, which I personally experienced on my laptop, was the Conexant keylogger. Many HP laptops shipped with an audio driver that logged all keypresses to a MicTray.log file on the computer, which anyone could view (or steal). It’s absolutely crazy that HP wouldn’t catch this debug code before it shipped on PCs. It wasn’t even hidden—it was actively creating a keylogger file!

There have been other, less serious problems in HP PCs, too. The HP Touchpoint Manager controversy wasn’t quite “spyware” like a lot of media outlets…

Sasha Harriet

Sasha Harriet

As content editor, I get to do what I love everyday. Tweet, share and promote the best content our tools find on a daily basis.

I have a crazy passion for #music, #celebrity #news & #fashion! I'm always out and about on Twitter.
Sasha Harriet

More from Around the Web

Subscribe To Our Newsletter

Join our mailing list to receive the latest news from our network of site partners.

You have Successfully Subscribed!

Pin It on Pinterest