Tom Merritt was on Chit Chat Across the Pond to talk net neutrality. I confess that after all my “I have made fire” talk about writing a script for chapter marks, it didn’t actually work. Learn how to make Holiday Card Address Labels using plain old Apple Contacts. Rush Sherman asks our first ever video Dumb Question – why do I use Downcast when I clearly said I used Pocket Casts before? Patreon did a major shift in how they charge patrons and pay creators, and I wanted to tell you how I feel about it and what hopefully will be changing. In a rare moment of music enjoyment, I suggest you buy If Every Day Were Christmas from Slau Halatyn. Bart Busschots brings us Security Bits about the macOS Root Bug, a HomeKit Bug, and changes to iOS Backup Encryption.
Day: December 10, 2017
Security Bits – 08 December 2017 – macOS Root Bug, HomeKit Bug, iOS Backup Encryption
Security Medium 1 — macOS High Sierra Root Bug
A nasty bug was found in macOS 10.13 High Sierra — it was possible to cause the root account to become enabled, and to do so with a blank password.
To trigger this bug all you had to do was go into the control panel, click the padlock to un-lock the sensitive settings, change the username to root, enter no password, then hit enter. At this point the authentication would fail, but, the root account would have been made active. Hit enter again, and root with a blank password will be accepted as valid. At this point you can do anything in the control panel, no matter how restricted your account is in theory, and, anything you can get full terminal access as root.
Pocket Casts vs Downcast
Rush Sherman sent in our very first video dumb question:
Using a Screen Reader? click here
I love this question because of how Rush feels betrayed because I had moved on. But even better, I love this question because I have wondered myself why I use Downcast when I said to use Pocket Casts.