I recall Microsoft used to have this problem.
Wade.
Wade.
![]() I recall Microsoft used to have this problem. Wade. |
|
![]() ...with specific respect to testing. The GotoFail bug from 2014 was pretty egregious - all sorts of non-controversial methods could and should have caught it (checking for repeated lines of code, which should be inspected; checking for unreachable code; actually fucking testing that an invalid certificate didn't fucking work, etc.) and the speed with which Apple has turned round the fix would indicate that this is similarly sloppy and easily fixed. There was the APFS password hint bug. https://hackernoon.com/new-macos-high-sierra-vulnerability-exposes-the-password-of-an-encrypted-apfs-container-b4f2f5326e79 There was the keychain bug. http://mashable.com/2017/09/26/apple-mac-os-high-sierra-password-exploit/?utm_cid=a-seealso Not to mention a raft of less critical but still annoying bugs - the random restart/freeze bug would not generate good cheer, for example. (I found an interesting analysis of the APFS password hint bug, and I'll update this post when I find it again. tl;dr: it's just as idiotic as the GotoFail bug - ETA link https://objective-see.com/blog/blog_0x23.html - it's another copy/paste error) Apple is an organisation with no excuses - it has the resources and the talent to do this properly. This is a question of management priorities. Whatever Apple says about its commitment to security is irrelevant; the facts are there for all to see. |
|
![]() There are unconfirmed reports that the patch breaks certain configurations of SMB file sharing: https://arstechnica.com/civis/viewtopic.php?p=34406677#p34406677 This security update breaks SMB file sharing if you don't have the "Less secure" password setting turned on. If you don't have that setting turned on and try to connect to a patched Mac, your password will not be accepted. Quality work, Apple. |
|
![]() A friend bought a 1U MacOS Server machine for work. It was nice, but the fans were very loud. He said all kinds of simple yet important things related to account permissions, IIRC, would break whenever he updated the OS. It was as if they had done no testing at all before rolling it out. As you say, they've got no excuse. But it shows that they continue to not really care about macOS. Cheers, Scott. |