Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Security Apple

macOS High Sierra Logs Encryption Passwords in Plaintext for APFS External Drives ( 62

Catalin Cimpanu, writing for BleepingComputer: macOS High Sierra users are once again impacted by a major APFS bug after two other major vulnerabilities affected Apple's new filesystem format in the last five months. This time around, according to a report from Mac forensics expert Sarah Edwards, recent versions of macOS High Sierra are logging encryption passwords for APFS-formatted external drives in plaintext, and storing this information in non-volatile (on-disk) log files.

The issue, if exploited, could allow an attacker easy access to the encryption password of encrypted APFS external volumes, such as USB thumb drives, portable hard drives, and other external storage mediums. This bug goes against all well-established Apple development and security rules, according to which apps and utilities should use the Keychain app to store valuable information, and should definitely avoid storing passwords in cleartext.
Video 1, and 2.
This discussion has been archived. No new comments can be posted.

macOS High Sierra Logs Encryption Passwords in Plaintext for APFS External Drives

Comments Filter:
  • by twistedcubic ( 577194 ) on Tuesday March 27, 2018 @05:04PM (#56336841)

    Will a security update shred the logs? I wonder how they're going to fix this.

    • Re:How to update? (Score:5, Informative)

      by Anonymous Coward on Tuesday March 27, 2018 @10:08PM (#56338507)

      It was already fixed in 10.13.2 released December 2017. The person that reported the problem was using the original High Sierra release 10.13.0. She had other people tell her it was fixed in 10.13.2 and 10.13.3.

      Shit for brains runs deep here at Slashdot.

  • Apple is really having the most childish bugs in the last few years?
    • The entire company is having quality control issues. Even the marketing department.

      Apple fixes buggy iPhone X ad before fixing the actual iOS 11 bug []

    • by Anonymous Coward

      Apple copied stupid command line Linux and that's why they have all of these bugs! If they copied Windows instead, at least we'd be able to play games!

    • by Anonymous Coward

      Courageous bugs!


    • Re: (Score:2, Interesting)

      by AHuxley ( 892839 )
      The NSA and what followed PRISM cant be doing hours of crypto on every Mac they encounter in the wild.
      Features like this ensure the security services can work in real time on all big brand US products.
      Junk crypto in the hands of trusting users has been the NSA's pathway to winning for decades.
    • by AHuxley ( 892839 )
      They should have used BeOS.
    • by antdude ( 79039 )

      Apple is being like Microsoft and many other companies. Really bad or worse lack of QA. :(

  • by sandbagger ( 654585 ) on Tuesday March 27, 2018 @05:14PM (#56336937)

    And where is my new Mac Pro tower?

  • by Snotnose ( 212196 ) on Tuesday March 27, 2018 @05:24PM (#56336995)
    I'm a drunk that's been fired a few times for sexual harassment and spent time in jail for corporate espionage. But I promise you I won't write your supra sekrit keyz to a log file in plaintext.

  • Good for Apple for doing that. It might come in handy if someone wants a password for something. Disclaimer: I do not own any Apple products.
  • by viperidaenz ( 2515578 ) on Tuesday March 27, 2018 @05:54PM (#56337219)

    Incase you forget your password, you can find it again so you don't lose your encrypted data!

  • I used to joke that all the good coders have left Apple... but maybe it's not a joke after all.

  • It's been a bad day for Apple on Slashdot...

"Remember, extremism in the nondefense of moderation is not a virtue." -- Peter Neumann, about usenet