Reply to post: Re: Dev was a twat

Pro tip: You can log into macOS High Sierra as root with no password

HMcG

Re: Dev was a twat

You know, normally I would agree with you, if this was a technical exploit, or in any way difficult to find or exploit. But in this case, it's such a stupid error, that it is highly likely the exploit is already know about in some black-hat circles.

There is also no guarantee that Apple would have come clean immeadiatly with this exploit, as it is going to severely undermine their reputation. This is not a "security is hard" issue, this is corporate negligence, and Apples lawyers would be loath to admit to it until they were forced to. This is 'class-action' bad.

This means there would be a risk of a severe exploit window between the knowledge being widely known in cracking circles, and the public being warned about.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2019