MacOS High Sierra Shows Passwords In Plain Text Without Hacking
MANHATTAN, N.Y. – Apple released its latest operating system: the MacOS High Sierra. This MacOS is compatible with iMac and MacBook units in 2010.
Their latest operating system offers new features and significant changes to all Mac users. One of MacOS High Sierra’s latest functionality is the Apple File System (APFS). This feature allows users to identify and search files in a systematic way.
Although this change has unique quirks, this is not a reason for researchers and software developers to discover a new privacy bug.
The software developer, Matheus Mariano, found an alarming bug that can put all MacOS Sierra users at risk. According to Mariano, this bug reveals passwords for encrypted APFS files. The horrible thing about this problem is that anyone can go to someone’s APFS volume even though he is not an experienced hacker. The hacker just needs access to the victim’s gadget, so he can open the APFS data on his laptop.
Mariano demonstrated how it worked. He set up a new encrypted data from within the Disk Utility (DU). He then unmounted and remounted the volume until the hint appeared. As expected, his password showed up in plain text.
Meanwhile, another software developer, Felix Schwartz, managed to recreate the MacOS High Sierra bug on his device. According to Schwartz, the virus is not in the software, but it is in the DU. He did what Mariano did, and it also showed the volume hint instead of the actual password.
Unfortunately, this security problem still exists in the latest beta version of MacOS High Sierra. This only means that the files in the APFS are still unprotected. There is, however, a way to protect the volume in APFS. Mac users just need to disable any form of password hints as this may seem the only way to prevent this problem.