Disk Utility Bug in macOS High Sierra Exposes Passwords of Encrypted APFS Volumes in Plain Text [Updated]

[zorinlynx]

Yes, there some HUGE problems with Apple QA these days.

iOS 11 is riddled with obvious bugs. I just got one about 10 minutes ago. Was just deleting a few voicemails (swipe delete) and the Phone App crashed. Then there is a very reproducible Messages bug where the keyboard obscures the last few messages and you can't get to them. Real rinky-dink stuff that should be caught.

I'm starting to think that Apple is relying too much on the Beta process to collect bugs instead of having robust internal QA.

Dude! Their relying on the beta process isn't working either!

SEVERAL of us submitted the calculator bug *EARLY* in the freaking iOS beta process. We're talking beta 1 here. And the bug stayed, through each and every beta into final release. An obvious, EASY to reproduce bug.

Same thing with the frame dropping problems with 3D Touch, animation glitches, etc... These bugs are being reported EARLY and FREQUENTLY and Apple is not fixing them.

QA at Apple is definitely screwed up. The beta process should be helping, and we're trying to help by reporting bugs and issues but they're still being ignored. And the sad thing is that even with all these problems, iOS is still better than Android when it comes to bugs and them getting fixed. I wonder if they're just riding on that fact and getting lazy?

Apple needs to start getting their ass kicked a bit in the market so they wake up.

 

[bcash97]

I’ll be continuing to hold off on the update

 

[iShater]

What kinda of QA team do they have for this? How can this be missed? Even a code review would have uncovered this!!!

 

[OldSchoolMacGuy]

Something that will impact about 0.1% of Mac users. I wouldn't worry about it too much unless you're using encrypted volumes, mounting them, then unmounting, then mounting them.

 

[Joe Rossignol]

To be clear, the linked Twitter thread suggests that this is a Disk Utility bug, where if you create a password-protected volume in Disk Utility it inadvertently sets the hint to the password itself. It's not a bug that allows the password itself to be uncovered via other means, which is what I originally thought this meant and which was surprising to me since the only way to do that should be computationally expensive brute-force methods (the data itself is encrypted with the password; it's not just artificially protected by one, and it shouldn't be possible to "reverse lookup" the password by any true means).

That's a very good point, although I don't know many people using Terminal to create volumes on macOS, so the impact can be large.The problem is Disk Utility is setting the hint to the password itself. It's a bug in Disk Utility, not APFS.

@840quadra : It would be wise to update the article. Here's a link to a tweet showing that creating the APFS-encrypted volume via Terminal is not susceptible to this bug in Disk Utility:

https://twitter.com/felix_schwarz/status/915857500330700801

Thanks for the feedback. I've updated the article:

For clarity, this appears to be a bug within Disk Utility itself. When creating an encrypted APFS volume in Terminal with the diskutil command line utility, the actual hint is shown, rather than the password.​

 

[OldSchoolMacGuy]

What kinda of QA team do they have for this? How can this be missed? Even a code review would have uncovered this!!!

Obviously not. Seems none of the beta testers (including developers and public beta testers) bothered to try this or report an issue.

 

[macs4nw]

Time to change passwords people.

 

[nvmls]

Lol, this was known in the scene, dev exposed it, let Apple's current userbase to go with the flow and install all the half baked crap they put out, tell you how much they care about privacy, safari is snappier, some kid will comment on why he thinks upgrading from 7sss to 8sss should be less of a ripp off... it's brilliant, very according to them, this is what the mac product line software & hardware-wise has become, a sad joke.

As the manual would put it, congrats, this flaw was made for you.

 

[kometen]

Easy developer mistake, but seems like it should have been very easy to test, too.

I realize that running a huge company must be difficult, but it's really surprising that Apple doesn't have the resources to test these things, especially because they are trying to stake a claim on privacy, and security is an essential ingredient.

---

For some things, I think I trust Google more because they seem more likely to share marketing information about me, but a lot less likely to accidentally divulge all my saved information.

Yes, some blunder, and serious. But Google have had their share as well. When they launched Google+ many years ago people were linked together with others without their knowledge. Which for some Chinese dissidents meant they became "friends" with their adversaries. Maybe Google did call it something other than G+ but they did it to quickly get over a critical mass so the users would start using it.

 

[varunsanthanam]

Holy **** this is terrible. A massive vulnerability. I’m hoping it’s a high level issues with the file system, cuz if people need to reformat their drives...

.... I’m going to be extremely unhappy

 

[Poncho]

Disk Utility has been rendered useless anyway. If I want to manage any of my external hard disks I have to plug them into a laptop running Mountain Lion. Sierra tells me they are broken or dismounts them and can't re-mount them or can't partition them because it says they are not formatted a certain way – when I know full well that they are.

 

[DotCom2]

Good GREIF! It's every time now with Mac OS and iOS as well. I just don't update anymore until .4 is out on either!

 

[Glideslope]

Apple seriously needs to start hiring better QA engineers....

Trying to do too much too quickly. Not a good sign especially given the iOS Roll Out. I’m becoming concerned.

 

[brunerd]

This is why having the user community helping beta test software & OS releases is so important.

Let's call this the "Kitty Genovese" effect, that was famous murder in NYC 1964, where many people heard/saw something happening but everyone figured "Oh I'm sure some else called the cops". It's the same thing here, we all figure "With this many eyeballs on the problem, surely someone will file a well written bug report" and it seems even if they do, it'll sit untouched. The "Steal Yo Keychain" post on Patreon from the author of the Keychain Stealer POC said he alerted Apple in September to the issue.

There was a QA/Unit Testing job at Apple many many years ago, it seemed like they wanted to do high volume repeatable tests, but it doesn't seem like they've done that? On a more tangential note, I've seen some very interesting things with "afl" American Fuzzy Lop, a fuzzer that uses an 'instrumented' build of a binary to find internal code path usage, so better than a normal fuzzer that only gets a return value, afl is able to 'see inside' a binary when it is fuzzing and find out if it is tickling the right spot. It was able to generate valid bash code that triggered exploitable behavior!

My point being, this armchair quarter-back definitely thinks Apple can do better, there are amazing tools and amazing people but if the eye on the prize is "market share dominance through strategically timed releases" rather than "no Apple before it's time" then things will ship ready or not just to meet a deadline. The more things Apple puts itself financially on the hook for like Bonds, the more they will prioritize financial considerations over technical bugs to be fixed before shipping.

 

[groove-agent]

Apple has grown complacent and sloppy under Tim Cook.

 

[pat500000]

I am reconsidering about buying modular mac pro now. Luckily i'm on sierra.

 

[Glideslope]

Good GREIF! It's every time now with Mac OS and iOS as well. I just don't update anymore until .4 is out on either!

Indeed. I’m might go to .4 as well.

 

[MikhailT]

Nothing to do with QA, this is simply the nature of marketing-driven release schedules.

Did Apple have to ship iOS 11/macOS a few weeks ago? No. They could’ve ship iOS 10 updates to support new iPhones but they needed something to justify them.

Apple is linking all platforms together, so they’re forced to ship them together as well.

 

[johnfrombeyond]

Unbelievable. I am completely nonplussed.

Don't you mean you are plussed? Or is it minussed?

 

[0003939]

What kinda of QA team do they have for this? How can this be missed? Even a code review would have uncovered this!!!

Not many people will add an APFS container at some random time, and that is how it can be missed. This is not the most common usage by consumers.

 

[imasterus]

So, they say to upgrade to the latest OS to get the most secure one. Not the case anymore.

 

[coolfactor]

This is why having the user community helping beta test software & OS releases is so important. Also glad to see people using their skills to help improve systems rather than exploitation and wreaking havoc.

Yah, how was this not caught during the beta testing period?

 

[potassium404]

Did Apple hire some ex-Windows programmers?

Not even Windows is this bad, and that's just sad.

 

[AllergyDoc]

Trying to do too much too quickly. Not a good sign especially given the iOS Roll Out. I’m becoming concerned.

My vote is for Apple to stop thinking they have to release a new OS every single year. How about 2 years since that’s about how long it takes for a new OS to be relatively (I said relatively) bug-free and stable.

 

[Dave-Z]

Don't you mean you are plussed? Or is it minussed?

Ugg... The internet makes it so hard to know if someone is joking or not.

If you're joking: lol

If you're not: https://www.merriam-webster.com/dictionary/nonplus

¯\_(ツ)_/¯