Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
macOS High Sierra's App Store System Preferences Can Be Unlocked With Any Password [Updated]
- Thread starter MacRumors
- Start date
- Sort by reaction score
Ok thx. Hope it’s the former. Otherwise, sloppy to allow the bug and sloppily lacking documentation of the fix. Gotta tighten things up a bit in Cupertino.
This access is so trivial, that it is unlocked by default within an admin account. The bug is that, if you choose to override the default and lock it, the lock is pointless.
Spoken like a true expert on the subject.
You know, one _could_ blame iOS for the problems that macOS is experiencing.
But at the end of the day, Apple dev teams are failing. Changes to established features are going unchecked. This is a serious breach of standard development protocol.
Nobody said asking for a password is too much.
But for someone to have access to this bug, they have to have had the password in the first place. As in, this won’t be exploited and isn’t as bad as these people freaking out make it seem.
These corporations are only presenting you with the illusion of privacy and safety. None of them are. It's just now not only has the curtain to OZ been pulled aside, he's literally yelling directly at you that this isn't real.
Not if he actually read the bug description. It's a trivial bug that should affect approximately nobody.
Because they care much less about the Mac and it isn't anywhere near as locked down as iOS so there is much more scope for security issues . The quality levels on iOS aren't much better. Regular scam apps hitting the App Store, the general lag/bugginess of iOS 11 even on the latest hardware etc.
There just seems to be a general complacency and lack of quality control about most things they do these days.
Agree. These annual OS updates really do more harm than good.
To me, it's not about the seriousness of this one oversight. It's how this system-level protection mechanism is so fragile, and why developers are messing around with it.... 16 years later.
Apple needs to do a complete top-to-bottom review of this to find out what is going on. Something needs to change so things like this can't break so easily without being noticed. It's not just about someone in QA _trying_ to make it break through random actions.
I think most are missing that point because it actually isn't the point at all. The point is, and most aren't missing it btw, Apple's level of software QA/QC has been subpar lately. Software issues big and small, across iOS and MacOS have been highlighted within the last month or so. Are these issues indicative of what to expect from Apple software? One would hope not, but recent history indicates it's possible.
The point that you're making only seems to be of consequence for those looking to excuse this latest issue.
I agree about slowing down. Ever since they went to the annual major revision schedule, the quality and stability of the releases had gotten considerably worse. They don't need to update OSX every year - they don't need to update it every other year even. Microsoft isn't releasing a major revision that often, so what is the rush?
Just update the component apps as needed to maintain compatibility and consistency across the lineup (e.g., update the Messages app with whatever you need for make it work with iOS). Then release a major OSX revision when you actually have something worth releasing.
Then there are two serious bugs. They sum, or maybe coalesce if one leads to the other, but they don’t cancel.
Apple thinks they have a working password box, but they don’t, and Apple thinks they’re protecting something with that password request that they aren’t.
The danger here isn’t in the outcome (access to minor, unprotected settings) but in the process. They failed in achieving their intended security outcome and didn’t detect it. If it involves a password it should be held to a higher standard.
I don't see that at all. iOS 11 has been great for me since around beta 3, even better on the iPad. Runs great on my X and iPad Pro 10.5.
I think the point is that anytime you’re presented with a password prompt it should mean something.
No, of course I did. I manage a virtual team of 60 people in the logistics industry using my iPad Pro. Perfect for email, video conferencing, OneNote, Word documents, research, etc. I have only run into some minor issues that required some more difficult workarounds, but the advantages iOS and the iPad bring me outweigh those easily. I am fully aware that this is a specific use case, but yea it works great for me. I think iOS has a brighter future than macOS, aside from developers (right now).
You are always defending Apple regardless of the severity of the defect. If Apple decided to guard something with a password they though it was important. Well, they failed. Again.
No, you have to enter a password, but it can be anything.
This is what Apple needs as a leader...
Mr. Jobs reportedly asked the assembled engineers and other MobileMe team members, “Can anyone tell me what MobileMe is supposed to do?” When one of those employees then volunteered a satisfactory answer, Mr. Jobs followed up with, “So why the **** doesn’t it do that?”
Mr. Jobs reportedly asked the assembled engineers and other MobileMe team members, “Can anyone tell me what MobileMe is supposed to do?” When one of those employees then volunteered a satisfactory answer, Mr. Jobs followed up with, “So why the **** doesn’t it do that?”
Am I looking through rose-tinted glasses, but did we ever see so many issues -- big and small -- consistently populating the Apple ecosystem between, say, 2000 and when TC took over?
I’d rather this error than Microsoft’s pulling of the Spectre and Meltdown fix update because it bricked computers with AMD chips.
It doesn't matter - it shows how SLOPPY they are getting. Steve Jobs would've decapitated the entire security team personally for this. Not impressed, Apple. Lots of other bugs and annoyances getting through lately, as well. Lots of apps you can get out of, silly procedures, etc. I'm the worlds largest Mac fanboy, been on Apple since 1999, but the last year or two have been very very messy for them.
SMARTEN UP, APPLE!
Not impressed,
Cameron Hood