Disk Utility Bug in macOS High Sierra Exposes Passwords of Encrypted APFS Volumes in Plain Text [Updated]

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Oct 5, 2017.

  1. Williesleg macrumors member

    Oct 28, 2014
    What's troubling is that Apple stores your passwords unencrypted or has a way to decrypt them. And didn't tell us.

    That's inexcusable.

Normally when you key in a password on any sane operating system, it encrypts what you keyed in with a one-way encryption algorithm. Then it compares the encrypted string vs. what's stored encrypted. That's the way it's supposed to work.

    What this says is that Apple either chooses to ignore that, or doesn't care. Either way, the cat's out of the bag, there's a way for Apple to see or recover your password easily.
  2. the johnmc macrumors newbie


    Jun 23, 2017
    They don't. They store the hint as plain text. The password got inserted into the hint field by mistake.
  3. simonmet macrumors 65816


    Sep 9, 2012
    Well this is embarrassing. At least there was a quick turnaround.
  4. Williesleg macrumors member

    Oct 28, 2014
    I wouldn't bet on that. Unless you wrote the code I wouldn't assume.
  5. Ener Ji macrumors member

    Apr 10, 2010
    It's been verified by performing the same commands from the command line... which behaves as expected.
  6. Floris macrumors 68020


    Sep 7, 2007
I wonder if the NSA and such have a bootable USB of this image and are massively upgrading all the confiscated disks to that one build, and clicking 'show hint' ..

    And I wonder if they already have a newer version in the future, if they could downgrade to that build, mount and use that ..

    I kinda wonder if FV has become obsolete now due to this bug.

I know before I upgraded that I dumped the installer to a USB stick because you know there's always that one family member that forgot their password.
  7. ruchern macrumors regular

    Jun 2, 2017
    Good call and possibly there is no password set. Arguments ordering probably screwed this one up.
  8. chrfr macrumors 603

    Jul 11, 2009
    This only applied to a small set of encrypted disk images made via the Disk Utility application in 10.13. Filevault is no less secure than it was before.
  9. overcast, Oct 5, 2017
    Last edited: Oct 5, 2017

    overcast macrumors 6502a

    Jun 27, 2007
    Well, this definitely isn't the case for me with 10.13. I double checked a drive I did through the Disk Utility, and it absolutely did not store the password. Only what I initially put in there. Just triple checked with a fresh disk, and it only has my hint that I typed. Not sure what the circumstances are to make this happen but it's definitely not 100%
  10. fairuz macrumors 6502


    Aug 27, 2017
    Yeah, it would encrypt with the hint. Maybe they had bad variable names and set the hint to the password by accident. Or there's a super crazy buffer overrun bug due to some asm-level hacks that puts the psw into the hint. Given how many times the "new" Disk Utility has crapped out on me, I'd believe either story.
  11. thadoggfather macrumors 604


    Oct 1, 2007
    I didn't say that but :)
  12. einsteinbqat macrumors regular


    Nov 3, 2012
And what about those of us who run the 10.13.1 beta?
  13. fairuz macrumors 6502


    Aug 27, 2017
    Oops, sorry. The quote structure somehow got screwed up.
  14. redheeler macrumors 603


    Oct 17, 2014
Apparently what was happening was that only during initial drive encryption setup using the affected build, the password itself would be set as the plain text hint. It won't work to recover existing passwords for disks encrypted on versions of macOS without the bug, because those would have already set the hint to the correct value and encrypted the password.

Still a very embarrassing bug, especially when it's Apple that is typically trusted more from a security/privacy standpoint. At least they put out a security update instead of waiting for 10.12.1 to fix, but honestly, both macOS High Sierra and iOS 11 seem to be more rushed and buggy this year - not good. At least my experience with the release build of High Sierra has been positive for the most part.
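The failure mode described in this post, modelled as an added example that is not Apple's code and not from this thread: a hypothetical volume-creation routine that stores a one-way password verifier plus a plain-text hint, a deliberately defective version that passes the password variable into the hint field, the corrected version that refuses a hint revealing the password, and an audit check that flags an existing record whose hint is the password without needing to know it. PBKDF2 and the record layout are assumptions standing in for whatever the real product does.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass


@dataclass
class VolumeRecord:
    """Constructed stand-in for an encrypted volume's metadata (assumption)."""
    name: str
    hint: str        # the hint is stored in plain text by design
    salt: bytes
    verifier: bytes  # one-way hash of the password; the password itself is never stored


def hash_password(password: str, salt: bytes) -> bytes:
    # PBKDF2 stands in for the product's real key derivation (assumption).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def _store(name: str, password: str, hint: str) -> VolumeRecord:
    salt = secrets.token_bytes(16)
    return VolumeRecord(name, hint, salt, hash_password(password, salt))


def create_volume_buggy(name: str, password: str, hint: str) -> VolumeRecord:
    # Hypothetical defect: the wrong variable is passed as the hint, so the
    # secret lands in the plain-text hint field while unlocking still works.
    return _store(name, password, password)


def reject_unsafe_hint(password: str, hint: str) -> None:
    """Refuse a hint that is the password or contains it (case-insensitive)."""
    if hint and password.casefold() in hint.casefold():
        raise ValueError("hint must not reveal the password")


def create_volume_fixed(name: str, password: str, hint: str) -> VolumeRecord:
    reject_unsafe_hint(password, hint)
    # Keyword arguments make a positional mix-up impossible at this call site.
    return _store(name=name, password=password, hint=hint)


def hint_is_password(record: VolumeRecord) -> bool:
    """Audit check for existing records: derive the verifier from the stored
    plain-text hint and compare it to the stored verifier. If they match, the
    hint is the password. No knowledge of the password is needed."""
    candidate = hash_password(record.hint, record.salt)
    return hmac.compare_digest(candidate, record.verifier)
```

The audit function is the useful part for a defender: run over stored volume metadata, it identifies affected records without ever handling the password itself.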
  15. RiderX macrumors regular

    Nov 9, 2012
    Steve Jobs passed away 6 years ago and it shows.

    For Tim Cook, diversity, anti-Trump activism and social justice wars are more important than product quality.
  16. niji macrumors 6502a


    Feb 9, 2003
To be clear, if the robber comes through the front door he gains access.
But if the robber tries to get in by the back way, he can't.
  17. jb-net macrumors member

    Apr 7, 2012
    Exactly! This is way more scary than actually displaying the password because this leads to the assumption that there is something fundamentally wrong with the implementation of the security concept of AFS in macOS.
  18. ojobson macrumors newbie


    Nov 18, 2009
    Is this only an issue in High Sierra if you set a password.. so, if you already had an encrypted drive then you were ok as long as you didn't use disk utility to change the password for the encrypted partition/drive?
  19. iShater macrumors 604


    Aug 13, 2002
If someone made a code change to a security component that handles passwords, you bet a code review and QA still have to happen regardless; this is basic software development.
  20. neurophysicist macrumors member

    Jul 20, 2011
    A little confused, a few questions for clarification:

    1. I'm on Sierra (and while the vulnerability only applies to High Sierra/APFS), I noticed there is no "Volume" button when I right-click a disk or volume, and there is no button in the Disk Utility menu (as we see in the videos). Is this a feature that is only available in High Sierra?

2. I often create Disk Images via Disk Utility to act as password protected folders; I also format external drives as encrypted via Disk Utility before using them for other purposes (Time Machine, extra space, etc.).

    What is the difference between these methods (Disk Image, formatting, and partitioning external/internal drives) vs creating volumes? I wasn't sure if the volume behavior was the same as creating an image, since they both seem to make files you (virtually) mount in Disk Utility.

  21. Ener Ji macrumors member

    Apr 10, 2010
    I'm sure the next beta will include the security fix.
  22. Relentless Power macrumors P6


    Jul 12, 2016
And you know what else is unfortunate: what you stated in bold is not fact. That's an opinion. So you can't pass something off as concrete evidence based off an anecdotal opinion over your dismay for this Company, contrary to what you believe.
  23. Rochy Bay macrumors newbie


    Apr 5, 2016
    This is great, they won't help you recover your iCloud password even if it locked a phone and you are the owner. BUT they give complete access to your hard drive to anyone. Typical of CRAPPLE.

  24. rshrugged macrumors 6502a

    Oct 11, 2015
    You might find this of interest.
  25. jblagden macrumors 65816


    Aug 16, 2013
    This is one of the reasons why I'm getting into Linux - repairable and upgradable hardware.