MPG has written on security numerous times and warned that Apple cannot be trusted to do much of anything right these days, in terms of macOS.
The latest fiasco, which MPG did not cover in a timely manner due to a concussion is the exposure of plaintext passwords in system log files. Ironically, this exposure is for encrypted volumes meaning the case where security is most important.
Rather than go through the details here, please see:
- Uh Oh! Unified Logs in High Sierra (10.13) Show Plaintext Password for APFS Encrypted External Volumes via Disk Utility.app
- OMG, Seriously? - APFS Encrypted Plaintext Password found in ANOTHER (More Persistent!) macOS Log File.
- Apple macOS Bug Reveals Passwords for APFS Encrypted Volumes in Plaintext
When I was an engineering manager at PGP (Pretty Good Privacy), it was not just a question of never exposing plaintext passwords, we went to lengths to not allow a plaintext password to exist in memory or virtual memory over any significant period of time (memory burn in, virtual memory, etc). Apple doesn’t even get past a failing grade, let alone to that sophistication.
Apple has exposed plaintext passwords in multiple ways ove the past 6 months. This speaks to intolerable incompetence in both engineering and quality control. It is beyond unacceptable to ever reveal plaintext passwords. Doing so has the worse possible ramifications that could be catastrophic for privacy or financial reasons. Yet Apple has not stepped up to with anything to make users whole who might ultimately suffer from Apple software development security breaches: where is the indemnification if a user is compromised by an Apple security bug?
MPG’s recommendation now must be extended from the 6-month time frame: wait at least a YEAR before adopting any new macOS release. In other words, stay one macOS release behind.