All Posts by Date or last 15, 30, 90 or 180 days.
also by Lloyd: diglloyd.com photography and WindInMyFace.com
Thank you for purchasing through links and ads on this site.
OWC / MacSales.com...
diglloyd Deal Finder...
Buy other stuff at Amazon.com...
Handpicked deals...
$1299 $1299
SAVE $0

$390 $270
SAVE $120

$1798 $1598
SAVE $200

$3297 $2797
SAVE $500

$3397 $2797
SAVE $600

$150 $90
SAVE $60

$1398 $898
SAVE $500

$3698 $2998
SAVE $700

$2998 $2498
SAVE $500

$1999 $1999
SAVE $0

$1799 $1299
SAVE $500

$1999 $1199
SAVE $800

$2299 $1599
SAVE $700

$2399 $2049
SAVE $350

$2799 $2399
SAVE $400

$2799 $1899
SAVE $900

$1199 $920
SAVE $279

$1349 $1049
SAVE $300

$997 $897
SAVE $100

$2099 $1699
SAVE $400

$1999 $1349
SAVE $650

$1999 $1599
SAVE $400

$1999 $1999
SAVE $0

$1329 $929
SAVE $400

$4499 $3999
SAVE $500

$329 $329
SAVE $0

$1499 $999
SAVE $500

$1499 $1289
SAVE $210

$2199 $1999
SAVE $200

$3399 $2199
SAVE $1200

$2468 $1768
SAVE $700

$1279 $1279
SAVE $0

Upgrade the memory of your 2018 Mac mini up to 64GB

Apple’s Problems with Severe Security Bugs Continue

MPG has written on security numerous times and warned that Apple cannot be trusted to do much of anything right these days, in terms of macOS.

The latest fiasco, which MPG did not cover in a timely manner due to a concussion is the exposure of plaintext passwords in system log files. Ironically, this exposure is for encrypted volumes meaning the case where security is most important.

Rather than go through the details here, please see:

When I was an engineering manager at PGP (Pretty Good Privacy), it was not just a question of never exposing plaintext passwords, we went to lengths to not allow a plaintext password to exist in memory or virtual memory over any significant period of time (memory burn in, virtual memory, etc). Apple doesn’t even get past a failing grade, let alone to that sophistication.

Apple has exposed plaintext passwords in multiple ways ove the past 6 months. This speaks to intolerable incompetence in both engineering and quality control. It is beyond unacceptable to ever reveal plaintext passwords. Doing so has the worse possible ramifications that could be catastrophic for privacy or financial reasons. Yet Apple has not stepped up to with anything to make users whole who might ultimately suffer from Apple software development security breaches: where is the indemnification if a user is compromised by an Apple security bug?

MPG’s recommendation now must be extended from the 6-month time frame: wait at least a YEAR before adopting any new macOS release. In other words, stay one macOS release behind.


Deals Updated Daily at B&H Photo
View all handpicked deals...

Samsung 2TB T5 Portable Solid-State Drive (Black)
$390 $270
SAVE $120

diglloyd.com | Terms of Use | PRIVACY POLICY
Contact | About Lloyd Chambers | Consulting | Photo Tours
Mailing Lists | RSS Feeds | Twitter
Copyright © 2019 diglloyd Inc, all rights reserved.
Display info: __RETINA_INFO_STATUS__