FYI: Massive security hole in High Sierra

[quikah]

Can login as root with no password after a few tries.

https://www.theverge.com/2017/11/28/16711782/apple-macos-high-sierra-critical-password-security-flaw

Setting a root password in terminal fixes it supposedly.

sudo su
passwd

 

[BarkingGhostar]

So funny I think I will make my wife's computer a Linux box.

 

[quikah]

Patch is out.

https://support.apple.com/en-us/HT208315

 

[AMDisTheBEST]

that is no good. I am type of person who encrypts an entire disk, throw important files into a vault, have two step authentication for all my accounts, encrypts all files with AES before uploading them to the cloud, choose unique password of 10 characters and up with numbers and special characters. I even manually checked for open ports and configured fire wall on my machine(which runs Linux)

I am paranoid as hell. Something like this would totally freak me out.

 

[sweenish]

https://www.wired.com/story/macos-update-undoes-apple-root-bug-patch/

Looks like the band-aid rush job can be undone and needs to be re-applied after the latest update. And you MUST reboot after re-applying the security patch.