(MacRumors) Apple's new High Sierra "Show Password Hint" feature leaves one of those three words out (macrumors.com)

Posted to Geek on 05 Oct 2017 at 10:46 PM

30 Comments
2017-10-05 06:23:47 PM  
That's a valuable feature, I forget my password a lot.
 
2017-10-05 10:49:14 PM  
The very fact the password is possible to display (i.e. stored in a state in which the original password can be recovered) makes the entire security of this disk encryption worthless.
 
2017-10-05 10:53:06 PM  
That's the kind of hint I need in law enforcement.
 
2017-10-05 10:53:54 PM  
Fixed already. Eat a bowl of stale dicks, subby.
 
2017-10-05 11:02:48 PM  

bingethinker: Fixed already. Eat a bowl of stale dicks, subby.

[image]
 
2017-10-05 11:03:38 PM  

Sum Dum Gai: The very fact the password is possible to display (i.e. stored in a state in which the original password can be recovered) makes the entire security of this disk encryption worthless.


And now we know Ric Romero's Fark handle!
 
2017-10-05 11:07:25 PM  
bingethinker, it doesn't matter a whole lot to me if it's been fixed already. Anyone doing any development that involves a password in 2017 who doesn't know that YOU DO NOT STORE THE PASSWORD IN ANY RECOVERABLE FORM is grossly incompetent - even Sum Dum Gai was right on top of that.

Could such a software development team consider it a "fix" if they just keep the password in a really sneaky place, maybe even encrypted or at least obfuscated? I'd be pretty worried about that, because it's only reasonable to assume they have also gotten everything else related to security wrong.
 
2017-10-05 11:09:57 PM  

bingethinker: Fixed already. Eat a bowl of stale dicks, subby.


You seem upset
 
2017-10-05 11:17:20 PM  

bingethinker: Fixed already. Eat a bowl of stale dicks, subby.


Don't be so uptight.  So you wrote crappy code...

You got paid to write the crappy code.

And you got paid for the fix.

You are half way to a career in cost-plus government contracting.  Congrats!
 
2017-10-05 11:57:23 PM  
I'm amazed they even started developing it on the premise of storing the password in plain text.

People shouldn't even be writing a method in the first place that saves a password as is, even in early development stages. function(variable, encryptionalgorithm) (or your flavour) isn't exactly difficult at its simplest. And it takes no extra lines to compare a hashed password than a non-hashed password.

If anything it's easier as you then have a strict character set and string length to work with.
 
2017-10-05 11:59:43 PM  
The fact that this bug can even occur means that the underlying security is worthless even without the bug.
 
2017-10-06 12:05:08 AM  
Reading the article, it looks like they didn't intend to store the password itself; they meant to store the password hint. But they screwed up the programming, which got fixed in the update, and it's why they recommend you recreate the volume (because the hint is likely stored in plain text, while the proper password is at best stored as a hash, or just not stored at all -- you just try the decrypt key blindly, and see if you get a valid filesystem out of it).

Put another way, let's say that your dialog box populates a struct / record / whatever with "password" and "passwordHint". Then, when the user clicks "ok", they run code that looks like this:

  fs.passwordHash = myFancyHashFunction(dialog.password); // ok, maybe add a salt or something.
  fs.passwordHint = dialog.password; // oops, meant to use 'dialog.passwordHint'

I'm not defending this, but I'd be more worried that this wasn't caught in [preferably automatic] testing.
 
2017-10-06 12:07:30 AM  
Well, if that hint doesn't help you remember the password you're in trouble.
 
2017-10-06 12:35:59 AM  

dyhchong: I'm amazed they even started developing it on the premise of storing the password in plain text.


My guess is the programmer farked up when storing the 'hint' field and accidentally stored the password.
You're right it would be a crime against humanity if the functionality actually depended on a plaintext password stored anywhere.
 
2017-10-06 01:35:34 AM  
Am I sorry I ditched Apple and went back to Windows? Not after the dumpster fire that's been Apple for the last five years.
 
2017-10-06 01:58:35 AM  
Every hacker knows all you need to do is type "OVERRIDE" in capital letters.
 
2017-10-06 03:13:37 AM  
Christ, everyone. The password got saved as the hint. That's it. It doesn't say any more about the technical competence of the security stack and encryption technology.
 
2017-10-06 03:16:19 AM  

fergusg: Well, if that hint doesn't help you remember the password you're in trouble.


Can you smell this peppermint?
 
2017-10-06 08:29:08 AM  

Sum Dum Gai: The very fact the password is possible to display (i.e. stored in a state in which the original password can be recovered) makes the entire security of this disk encryption worthless.


You don't store the password for encryption, there is no need. What probably happened is that the password got written into the 'hint' field instead of the hint.
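A worked model of the two points made in the 12:05 AM and 08:29 AM comments, added here as an example and not code from Apple or from this thread: the password itself is never written to disk (only a PBKDF2-derived key that wraps a random volume key, with an HMAC tag standing in for "did I get a valid filesystem"), so the only way it can end up readable is by being copied into a plaintext metadata field such as the hint. The bugged variant does exactly that, still unlocks fine, and is caught only by a regression check that inspects the pre-unlock metadata. The header layout, iteration count and XOR-style wrap are assumptions chosen to keep the demo standard-library only.

```python
"""Model of an encrypted-volume header whose password is never stored.
Added illustration, not Apple's APFS code: field names, the iteration
count and the wrap construction are assumptions for the demo."""
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import List, Optional, Tuple

KDF_ITERATIONS = 100_000  # assumed value; real implementations tune this


@dataclass
class VolumeHeader:
    salt: bytes          # public, per-volume
    wrapped_key: bytes   # volume key XOR keystream(KEK); useless without the password
    tag: bytes           # HMAC over wrapped_key under a KEK-derived MAC key
    hint: str            # stored in plaintext by design, readable before unlock


def _derive(password: str, salt: bytes) -> Tuple[bytes, bytes]:
    """Derive a wrap key and a MAC key from the password; neither is stored."""
    okm = hashlib.pbkdf2_hmac("sha256", password.encode(), salt,
                              KDF_ITERATIONS, dklen=64)
    return okm[:32], okm[32:]


def _wrap(volume_key: bytes, wrap_key: bytes, mac_key: bytes) -> Tuple[bytes, bytes]:
    # One-time-pad style wrap: wrap_key is unique per (password, salt) and used once.
    wrapped = bytes(a ^ b for a, b in zip(volume_key, wrap_key))
    tag = hmac.new(mac_key, wrapped, "sha256").digest()
    return wrapped, tag


def create_volume_fixed(password: str, hint: str) -> VolumeHeader:
    """Correct behaviour: the hint field receives the hint."""
    salt = os.urandom(16)
    volume_key = os.urandom(32)
    wrap_key, mac_key = _derive(password, salt)
    wrapped, tag = _wrap(volume_key, wrap_key, mac_key)
    return VolumeHeader(salt, wrapped, tag, hint)


def create_volume_bugged(password: str, hint: str) -> VolumeHeader:
    """The mistake the thread describes: the wrong variable lands in the hint
    field. The crypto is untouched, so unlock still works and only a test
    that looks at the metadata notices."""
    hdr = create_volume_fixed(password, hint)
    hdr.hint = password  # oops, meant `hint`
    return hdr


def unlock(hdr: VolumeHeader, password: str) -> Optional[bytes]:
    """Re-derive from the candidate password and check the tag. The header
    holds no recoverable copy of the password, so a wrong guess just fails."""
    wrap_key, mac_key = _derive(password, hdr.salt)
    expected = hmac.new(mac_key, hdr.wrapped_key, "sha256").digest()
    if not hmac.compare_digest(expected, hdr.tag):
        return None
    return bytes(a ^ b for a, b in zip(hdr.wrapped_key, wrap_key))


def plaintext_fields(hdr: VolumeHeader) -> List[str]:
    """Everything readable without unlocking; extend if the header grows."""
    return [hdr.hint]


def secret_leaks_into_metadata(hdr: VolumeHeader, password: str) -> bool:
    """Regression check: no pre-unlock field may contain the password."""
    return any(password in field for field in plaintext_fields(hdr))


if __name__ == "__main__":
    for name, factory in (("fixed", create_volume_fixed),
                          ("bugged", create_volume_bugged)):
        hdr = factory("correct horse", "the xkcd one")
        ok = unlock(hdr, "correct horse") is not None
        leak = secret_leaks_into_metadata(hdr, "correct horse")
        print(f"{name}: unlocks={ok} hint={hdr.hint!r} leaks_password={leak}")
```

The point of the check is that it is independent of the crypto: both variants unlock with the right password and reject the wrong one, so a functional test of the encryption path passes either way. A test that simply asserts the password string never appears in any field readable before unlock is the one that would have failed on the bugged build.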
 
2017-10-06 09:13:23 AM  

covfefe: Christ, everyone. The password got saved as the hint. That's it. It doesn't say any more about the technical competence of the security stack and encryption technology.


Well, it shows they didn't do much in the way of testing. Which means confidence in their implementation of said security stack and encryption technology is low.

Since they didn't do any kind of testing, and they've already made basic mistakes like this, who says the encryption code isn't:

// encrypt_key = get_key();
encrypt_key = testing_static_value;
 
2017-10-06 10:35:09 AM  
Has it been fixed?  Yes.  Is it a glaring issue that something so obvious got past QA?  Absolutely.
 
2017-10-06 11:20:05 AM  

trialpha: covfefe: Christ, everyone. The password got saved as the hint. That's it. It doesn't say any more about the technical competence of the security stack and encryption technology.

Well, it shows they didn't do much in the way of testing. Which means confidence in their implementation of said security stack and encryption technology is low.

Since they didn't do any kind of testing, and they've already made basic mistakes like this, who says the encryption code isn't:

// encrypt_key = get_key();
encrypt_key = testing_static_value;


Yeah, it looks like the updated GUI front end was bugged. The command-line disk utility still works exactly the same.

I'm putting money on it being rewritten from scratch and the poor soul writing:

APFS.password = input.password;
APFS.passwordhint = input.password;

WHOOPS.
 
2017-10-06 11:20:32 AM  

Sum Dum Gai: The very fact the password is possible to display (i.e. stored in a state in which the original password can be recovered) makes the entire security of this disk encryption worthless.


I'm sure they're not storing the password in plaintext. What happened here is that the wrong value was put into the password hint variable, which is stored as plaintext. This is still a monumental failure of programming and testing.
 
2017-10-06 11:21:51 AM  
Also why the update won't backfix volumes created with the GUI: the password got replicated on volume creation into the spot where the hint is.
 
2017-10-06 11:23:43 AM  

Esc7: trialpha: covfefe: Christ, everyone. The password got saved as the hint. That's it. It doesn't say any more about the technical competence of the security stack and encryption technology.

Well, it shows they didn't do much in the way of testing. Which means confidence in their implementation of said security stack and encryption technology is low.

Since they didn't do any kind of testing, and they've already made basic mistakes like this, who says the encryption code isn't:

// encrypt_key = get_key();
encrypt_key = testing_static_value;

Yeah, it looks like the updated GUI front end was bugged. The command-line disk utility still works exactly the same.

I'm putting money on it being rewritten from scratch and the poor soul writing:

APFS.password = input.password;
APFS.passwordhint = input.password;

WHOOPS.


Actually I wouldn't be surprised if the GUI calls diskutil itself...and just farked up a command line parameter.
 
2017-10-06 12:03:27 PM  
hunter2

hmmmm.... isn't working...
 
2017-10-06 02:14:35 PM  
[image]
 
2017-10-06 03:31:24 PM  
What was the developer smoking?

They call it High Sierra. Duh.
 
2017-10-06 05:49:39 PM  
[image]
 
2017-10-07 12:47:41 PM  

Esc7: trialpha: covfefe: Christ, everyone. The password got saved as the hint. That's it. It doesn't say any more about the technical competence of the security stack and encryption technology.

Well, it shows they didn't do much in the way of testing. Which means confidence in their implementation of said security stack and encryption technology is low.

Since they didn't do any kind of testing, and they've already made basic mistakes like this, who says the encryption code isn't:

// encrypt_key = get_key();
encrypt_key = testing_static_value;

Yeah, it looks like the updated GUI front end was bugged. The command-line disk utility still works exactly the same.

I'm putting money on it being rewritten from scratch and the poor soul writing:

APFS.password = input.password;
APFS.passwordhint = input.password;

WHOOPS.


I was more or less right.

https://twitter.com/dmartincy/status/916446573462253569
 
Displayed 30 of 30 comments

This thread is closed to new comments.