All Posts by Date or last 15, 30, 90 or 180 days.
also by Lloyd: diglloyd.com photography and WindInMyFace.com
Thank you for purchasing through links and ads on this site.
OWC / MacSales.com...
diglloyd Deal Finder...
Buy other stuff at Amazon.com...
Upgrade the memory of your 2019 iMac up to 128GB
Handpicked deals...
$1199 $1099
SAVE $100

$1999 $1399
SAVE $600

$1399 $1399
SAVE $0

$999 $949
SAVE $50

$3998 $3498
SAVE $500

$569 $469
SAVE $100

$249 $214
SAVE $35

$1299 $999
SAVE $300

$1498 $1198
SAVE $300

$2299 $1599
SAVE $700

$1598 $1598
SAVE $0

$5499 $4999
SAVE $500

$2600 $2100
SAVE $500

$2798 $2798
SAVE $0

$1299 $950
SAVE $349

$1999 $1399
SAVE $600

$1299 $1124
SAVE $175

$2299 $1799
SAVE $500

$1299 $999
SAVE $300

$3397 $2697
SAVE $700

$3297 $2797
SAVE $500

$1999 $1199
SAVE $800

$3399 $2199
SAVE $1200

$400 $300
SAVE $100

Apple’s Problems with Severe Security Bugs Continue

MPG has written on security numerous times and warned that Apple cannot be trusted to do much of anything right these days, in terms of macOS.

The latest fiasco, which MPG did not cover in a timely manner due to a concussion is the exposure of plaintext passwords in system log files. Ironically, this exposure is for encrypted volumes meaning the case where security is most important.

Rather than go through the details here, please see:

When I was an engineering manager at PGP (Pretty Good Privacy), it was not just a question of never exposing plaintext passwords, we went to lengths to not allow a plaintext password to exist in memory or virtual memory over any significant period of time (memory burn in, virtual memory, etc). Apple doesn’t even get past a failing grade, let alone to that sophistication.

Apple has exposed plaintext passwords in multiple ways ove the past 6 months. This speaks to intolerable incompetence in both engineering and quality control. It is beyond unacceptable to ever reveal plaintext passwords. Doing so has the worse possible ramifications that could be catastrophic for privacy or financial reasons. Yet Apple has not stepped up to with anything to make users whole who might ultimately suffer from Apple software development security breaches: where is the indemnification if a user is compromised by an Apple security bug?

MPG’s recommendation now must be extended from the 6-month time frame: wait at least a YEAR before adopting any new macOS release. In other words, stay one macOS release behind.

View all handpicked deals...

Apple 27" iMac with Retina 5K Display (Mid 2017)
$1999 $1399
SAVE $600

diglloyd.com | Terms of Use | PRIVACY POLICY
Contact | About Lloyd Chambers | Consulting | Photo Tours
Mailing Lists | RSS Feeds | Twitter
Copyright © 2019 diglloyd Inc, all rights reserved.
Display info: __RETINA_INFO_STATUS__