Is Apple Even Paying Attention To macOS Security Anymore?


A new Mac security flaw lets you type literally any username and password in order to unlock the Mac App Store panel in System Preferences. It’s probably not a big deal practically speaking—the panel is unlocked by default—but the fact that this issue exists at all is a worrying reminder that Apple isn’t prioritizing security like they used to.

I get it: tech journalists tend to lose their mind when it comes to Apple. The slightest flaw is hyped up beyond belief, given a name ending in “gate,” and then forgotten about within a month. It’s a regular cycle at this point, and it makes it hard for readers to recognize actual problems.

A Bit of History

So let’s review quickly. Back in November, 2017, a macOS bug let anyone create a root account without a password in System Preferences simply by typing “root” as the username and making up literally any password. Instead of denying you access, like a well designed system would, macOS High Sierra would just create a root account using whatever password you entered.

In addition to being mind numbingly insecure, this is bizarre behavior. Why in the world would making up a root password create a root account out of whole cloth? What is happening in the backend that makes that possible?

It’s hard to imagine, which is why this wasn’t a case of tech journalists exaggerating. It was really, really bad.

And the cleanup after that bug didn’t…

Sasha Harriet

Sasha Harriet

As content editor, I get to do what I love everyday. Tweet, share and promote the best content our tools find on a daily basis.

I have a crazy passion for #music, #celebrity #news & #fashion! I'm always out and about on Twitter.
Sasha Harriet

More from Around the Web

Subscribe To Our Newsletter

Join our mailing list to receive the latest news from our network of site partners.

You have Successfully Subscribed!

Pin It on Pinterest