Apple’s latest major Mac operating system, macOS High Sierra, has seen more than its fair share of bugs. These aren’t minor bugs, either. Previously, there was a bug that allowed any user root access to your Mac because the system accepted a blank password attempt.
Yet another security bug has been found in the operating system that allows users to access the passwords to encrypted APFS external drives.
While not as simple nor obvious as the root bug, passwords can be revealed with a simple Terminal command as of macOS 10.13.1. Later versions of macOS High Sierra have reportedly fixed this loophole, somewhat.
When converting a previously unencrypted APFS drive to an encrypted APFS drive, this workaround still works, however, will not work when converting a non-APFS drive to APFS and then encrypting the drive. While not as huge as the original bug, it’s still a security hole nonetheless.
The site used the following command in Terminal to view the password:
log stream –info –predicate ‘eventMessage contains “newfs_”‘
macOS High Sierra has been a roller coaster for many users due to the large amount of bugs. The next major release of macOS, presumably macOS 10.14, is rumored to be focused on bug fixes and stability improvements. Hopefully this means that Apple will be on top of their game and fix bugs like these before it is discovered.
Read more about the security vulnerability here.