Friday, 19 January, 2018

Another password flaw has been discovered in Apple's MacOS

A screenshot of the login field for the App Store preferences on a Mac. Any password will do to long into the App Store preferences on a Mac running High Sierra Any password will do to long into the App Store preferences on a Mac running High Sierra
Doris Mccormick | 12 January, 2018, 18:10

According to the bug report, users can simply open System Preferences, go to App Store settings and check the padlock icon.

Attackers could gain access to your Mac thanks to another security flaw discovered in the latest version of its operating system.

After the high profile discovery of the security hole that allowed users to bypass the login for macOS, its now the System Preferences app that has been found accessible using any password. This should unlock the App Store preference for you. The flaw follows a series of notable security bugs that shipped in recent weeks including the notorious root access flaw that allowed anyone to access critical account settings and more.

Coming soon after a previous "root user" password flaw discovered in December, as well as the Meltdown and Spectre chip flaws, the timing is likely to shake consumer confidence, however. You do need to login as an administrator, which is supposed to unlock preferences, but you're allowed to use any password you like if the preference is locked and you need to get access again.

A year ago some of you might recall that Apple's macOS High Sierra had a security flaw/bug which allowed users to gain admin access without the need for a password.

Samsung Galaxy S9 box reveals specs of the upcoming flagship
First spotted by GizmoChina , the listing reveals that the Samsung Galaxy S9 features a 5.8-inch Quad HD+ Super AMOLED display. Of all the things, Samsung had to upgrade the camera since it has been using the same setup for two years in a row now.


Chelsea preparing for high-profile departure, plans being put in place
The managers are due to meet next month when Manchester United host Chelsea at Old Trafford in the Premier League on February 25. Italian newspaper Corriere dello Sport have claimed that the current season will be Allegri's last season in charge of Juventus .


Mario Tennis Aces Coming to Nintendo Switch
It mixes the fashion and culture of Tokyo's Shibuya district with a unique timing-based action/RPG game system. It came out past year on PlayStation 4 and PS Vita, and it's headed to Nintendo Switch this summer.


Numerous settings within the App Store System Preferences window are also protected behind your Apple ID password and can't be changed using this method, but a nefarious user with physical access to your Mac could toggle the options that fall under the automatic update section.

The bug report also highlights yet another embarrassing password-related bug for Apple.

Apple has reportedly already fixed the bug in beta versions of the next macOS High Sierra update, which will be rolled out to the public in the coming weeks. There's no current workaround to this issue, so the only real option is to wait for Apple to provide a solution. Our customers deserve better.

We should note that these settings are unlocked by default on administrator accounts, as they aren't especially sensitive.

Recommended

Apple to issue fix for iPhones, Macs at risk from chip bug Apple to issue fix for iPhones, Macs at risk from chip bug How do I update my software? However, Google has a list of computers that won't receive the update because they are older models. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system.

BJP condemns Rahul Gandhi's Bahrain speech BJP condemns Rahul Gandhi's Bahrain speech Congress President Rahul Gandhi on Monday met Prince Shaikh Khalid bin Hamad Al Khalifa at Bahrain, the AICC said here. Union Law Minister Ravi Shankar Prasad said the Congress president doesn't see the work done by the BJP government.

People of J&K will gain only from India, says Mehbooba Mufti People of J&K will gain only from India, says Mehbooba Mufti Referring to pellet guns, she said, " Twenty-two people were injured in their eyes and 4-5 of them completely lost their sight". He charged that the security situation was deteriorating in the state and the government had failed on all fronts.

Assassin's Creed Rogue Remastered sails for console Assassin's Creed Rogue Remastered sails for console If you do not remember, Rogue was originally released for the 360 and PS3 around the time the new generations started. It's a sort-of sequel to Black Flag , with some of the same characters and that game's excellent seafaring gameplay.

'It was so ferocious': Passengers recall terrifying cruise through 'bomb cyclone' 'It was so ferocious': Passengers recall terrifying cruise through 'bomb cyclone' CBS2 reached out to other cruise lines. "We were dead center of the storm and I really think it was a poor decision", Del added. Fellow passenger Emma Franzese told CBS New York once the ship docked: "I'm completely traumatized".

Isaiah Thomas may re-sign with Cavs regardless of LeBron James' future Isaiah Thomas may re-sign with Cavs regardless of LeBron James' future It's a heavy burden for a point guard who has played just three games since a major hip injury suffered before the deal was done. I'm not sure if that could even be considered a silver lining, but sometimes in life you just take what you can get.

Western Digital's Wireless Passport SSD, And Super-Small Flash Drives Western Digital's Wireless Passport SSD, And Super-Small Flash Drives The 256GB SanDisk Ultra Fit USB 3.1 stick features a low-profile design, and is also available in smaller capacities. You can now directly access the device within third-party mobile creative apps, like FiLMiC Pro and LumaFusion.

Instagram allowing some folks to post their Stories on WhatsApp Instagram allowing some folks to post their Stories on WhatsApp There are a few reasons why Facebook may be interested in making Instagram Stories more shareable, and specifically on WhatsApp . Facebook recently let users share their Facebook Stories to Instagram , now the firm might let WhatsApp do the same thing.

Leonard: Sessions needs to 'back off' on marijuana Leonard: Sessions needs to 'back off' on marijuana Attorney General Jeff Sessions to eliminate certain protections created for the industry by the Obama Administration. Even President Trump "promised" to keep marijuana legalization a state issue during his campaign.

"Stranger Things'" Millie Bobby Brown To Star, Produce YA Film Franchise The six-book series focuses on Holmes' 14-year-old sister but features familiar characters and locales from the original stories. This will be Brown's second major film after Legendary and Warner Bros.'s Godzilla: King of Monsters which will release in 2019.

Texas shooting victim, 6, goes home on a firetruck Texas shooting victim, 6, goes home on a firetruck The outpouring of support will continue Thursday, as Sutherland Springs residents line the street to cheer on Ward's return home. Sparky the dog greets Sutherland Springs shooting victim Ryland Ward outside University Hospital, Jan. 11, 2018.

GM wants to make autonomous auto with no traditional controls by 2019 GM wants to make autonomous auto  with no traditional controls by 2019 That compares with the $30,000 on average that GM collects today for one of its vehicles, mostly derived from the initial sale. The company declined to identify the first states in which it plans to launch the vehicle or say when it would begin testing.

Everton in negotiations to sign Walcott from Arsenal Everton in negotiations to sign Walcott from Arsenal Arsenal manager Arsene Wenger also said that negotiations were taking place, adding that he did not know if Walcott would stay. Walcott, a 28-year-old English global , has been at Arsenal since joining the club from Southampton in 2006.

AFC Divisional Round Preview: Jacksonville Jaguars vs. Pittsburgh Steelers AFC Divisional Round Preview: Jacksonville Jaguars vs. Pittsburgh Steelers PLAYER SPOTLIGHT: Steelers TE Vance McDonald emerged as a bigger threat in the passing game during the second half of the season. Looking ahead to the Steelers upcoming rematch against the Jacksonville Jaguars , I'm getting the feeling of déjà vu.

UK's nuclear weapons vulnerable to a cyberattack, think tank warns UK's nuclear weapons vulnerable to a cyberattack, think tank warns Trump warned the hermit country: 'North Korean Leader Kim Jong-Un just stated that the "Nuclear Button is on his desk at all times".