For the apologists.
Other OSs do it too. So what? Apple and their fans pride themselves on being secure by default. A blank root password is secure by default?
It requires physical access so it's not a vulnerability. It doesn't matter how often I hear this one it makes me laugh. Somebody with physical access can access all your data and that's not a vulnerability? What exactly do you consider a vulnerability then?
You can fix it by setting a root password. You shouldn't have to fix it, how the hell does a "secure” OS manage to install without setting a root password?
It's still more secure than Windows. And? It's not just Apple and Microsoft you know. Neither of the two OS's I'm using these days would allow you to install without setting a password on the root account.
This simple little fuck up shows that Apple's QC can be truly appalling and their attitude to security is not all its cracked up to be.
Never mind fanbois, you still have your badge.