by bichiliad 3130 days ago
I seriously can't imagine how much pressure engineers at Apple were under to ship this patch. Considering they tend to ship infrequently, I doubt they have the sort of QA turn-around that'd support emergency releases.

Remember that:

  - They learned about this yesterday
  - They had as much heads up as the general public did
  - They are a large company.

I don't disagree that the apparent QA quality from Apple software isn't what it used to be, but we all have to take these sorts of things with a grain of salt. I've certainly been in situations like this before.

I feel bad for the engineers, but seriously screw Apple on this. They have an overcomplicated setup with little internal Kerberos implementations on every Mac to make peer to peer networking easier.

If it’s like everything else, it’s probably ancient and crufty. The dude who wrote it probably cashed out years ago. Some engineer rushed through and made the original worst-case-scenario error, and the guys cleaning up the mess made this error, which is understandable given the severity of the problem.

For a company like Apple that prints money, it’s irresponsible and reflective of a broken engineering process. Personally I’m angry about this because on iOS, we’re 100% dependent on their engineering process to protect my customer’s data. Hopefully that trust is well placed.

If they don’t want to maintain Macs, don’t make them.

I designed and implemented quite a lot of the LocalKDC mechanism - um, roughly about 11-12 years ago now I think. At the time it was based on the MIT version of Kerberos. When Apple switched to using Heimdal, the LocalKDC implementation was updated and it has been maintained since then - I am no longer the maintainer of this software. I haven't cashed out.

As to why the LocalKDC exists? How can you do secure peer-to-peer authentication without relying on some sort of global (and broken) or private PKI infrastructure? SRP wasn't an option at the time.

I am sorry you are upset. Apple is really, really serious about protecting customer data. I encourage the reading of the Apple iOS Security Guide - it describes hardware and software techniques used to protect your data. There is also the 2016 Blackhat presentation by Ivan Krstic that gives more insight into the Secure Enclave.

Thanks for replying. Sorry if I was throwing too much vitriol and no personal affront was intended.

I had a real bad day yesterday... my customers were freaking out about this particular issue. I recall doing some enterprise Mac rollouts back in the Tiger days and you'd see a lot of changes as support for things like AD evolved.

Apple has really good communications and documentation around iOS, which comes through in the iOS Security Guide, which is probably one of the best examples of that type of documentation. That hasn't been the case with MacOS, and its mysterious evolution, which feels pretty capricious from a customer POV at times. End of the day, I get paid to turn money + labor into answers to business problems -- Mac has turned into a wildcard for me, which saddens me as I love the platform.

> Apple iOS Security Guide

that goes perfectly with the trending feeling that iOS gets all the love while OSX sits on the back burner.

I personally see that the mac is getting lots and lots of love! Not my place to say more than that.

I pointed to this resource due to the concern expressed about iOS.

It seems that whenever one attempts to make something easier on the surface, the complexities underneath expand cubically.

The thing that really shocks me about this incident is that, basically checking that "root cannot be logged in under any unusual circumstances" is a fundamental, basic test of any OS development group, and there must have been at least 2 decades of this test running somewhere internally at Apple, and .. somehow .. that's not happening.

Like, I seriously hope this was just an oversight in the testing system somehow - but I'm really rather concerned that Apple is not testing these things as rigorously as it should be/used to be.

This is such a fundamentally corrupt security issue that we all have to increase our levels of suspicion over the QA team at Apple. Truly a shocking hole.

The fact they learned this only yesterday is amazingly stupid to start with. People were talking about this weeks ago on the Apple Forums, as a "neat trick" : https://twitter.com/fristle/status/935670476214378496. Surely a moderator should have noticed something was wrong at that point.

This is a major fuckup the kind of which should be illegal.

> People were talking about this weeks ago on the Apple Forums, as a "neat trick"

Aren't Apple forums mostly meant as self-help forums, with minimal monitoring by Apple?

It looks like one person posted it two weeks ago, not as a bug or security problem but as a solution to the problem that the original poster had, not realizing it was a bug. People didn't seem to notice it and start talking about it there until yesterday.

I would guess that any developers at Apple that check the developer forums just look at the first post to see what problems people are reporting, and a few of the replies to see if others are seeing the problem and see what workarounds people have found.

In this particular thread that first post was in June, and by early July someone had posted a fix. Some people had trouble with that and someone posted a more detailed fix in the middle of October.

I doubt any developers would be still following that thread on November 13th, when the root bug was posted.

As far as moderators go, I'd expect that they just skim the posts to make sure they don't violate any major rules.

On one part, I agree. On another, Average DevJoe on the Apple dev forums knew about it two weeks ago. It's scary to think about how many bad actors have known about it, and might have weaponized it given it is wormable, during that timeframe.

I agree with you, but I'm also curious if the techniques that are making progress in other areas (e.g. machine learning) could be used to extract meaningful data from these forums. Most bugs won't be as obvious as "login as root without password" but I imagine there is substantial signal within the noise.

One person mentioned it in a forum thread. Apparently nobody involved in the conversation realized the implications of it, and I don’t think anybody in the thread works for Apple.

If you ship an OS that runs your premium+ pricey hardware one of the onuses on you is to be able to quickly respond to catastrophic bugs and security issues without introducing new ones.

That's why you hire best engineers, product managers and QA people and establish processes that let you do exactly that. Trouble is Apple's treating everything like toys nowadays.

Surprising though how many people are willing to give a free pass to an almost trillion dollar company.

Also you realise Apple's asking their customers to run terminal commands - even MS has fixits that just do it :)

What do you mean a "free pass"? Apple has been (rightly) grilled over this.

Also, though the patch does introduce this new bug, it's hardly a show-stopper, it has a simple fix, it will likely affect a tiny percentage of users, and I'm sure be resolved in a future release.

OP did give them a pass pretty much. Also saw Jean-Louis Gassée trivialize it by claiming it only affects techies looking deeper!

But ok, fair enough - I think mostly they did get grilled - just bugged me that few people found ways to justify it! :)

This is why I am so glad I did not update to High Sierra. It obviously is not ready.

It's like they are the old Microsoft: never take a new version until after the first service pack.

It's been that way for macOS since Leopard. They'd introduce regressions all the time, and their SMB client is awful. Never trusted it till like a .3 version.

I tried on our Mac mini servers but High Sierra won’t upgrade on a system running RAID 1. Saved some trouble today but it will be a pain if they don’t fix that bug too.

- They learned about this yesterday

Nope.

- They had as much heads up as the general public did

I.e. two weeks.

- They are a large company.

That's a point to their discredit. For a garage op, this would be acceptable.

Except for one random guy on an old forum thread, everybody found out about the bug two days ago.

Well then. yakketysax.mid

https://www.wired.com/story/macos-update-undoes-apple-root-b...

How much more is needed to pop the Apple Reality Distortion Field?

High Sierra bricked my 2010 iMac.

Haven’t even bothered to try and repair it. It shipped with one of those crappy slow HDs Apple used to save money.

> Haven’t even bothered to try and repair it.

Then what are you complaining about? It isn’t magic, things do break sometimes.

Expecting a 2010 Mac to work with 2017 software (which I infer from your bothering to post here) seems a bit of a stretch. And all hard drives were slow back then. Any variance between models then is lost in the noise when comparing against SSDs, which were not generally available in 2010.

But it should definitely refrain from bricking the machine... that’s a bummer.

Apple list 2009 iMacs as compatible with High Sierra so I don’t think it’s a stretch to expect it to work, no.

https://www.apple.com/macos/how-to-upgrade/#hardware-require...

I've got Windows 10 installed and working on a 2006 MacBook 1,1. It just got an update to 1709 Fall Creators Update, and still gets the usual weekly security patches. Something is awry when Microsoft is able to provide support & security patches for Apple devices longer than Apple itself.

It’s supported so it’s not a bit of a stretch.

SSDs were generally available but extremely expensive from Apple so I went for the extra space on the desktop. For some reason Apple makes it difficult to upgrade their hard drives. I bought an SSD MacBook Pro at the same time. It was much faster with only a Core i5 vs the iMac’s i7. Barely used now because I bought another laptop in 2013.

Now, I wanted to wait for the next Intel refresh. No point in getting less than 32GB in a laptop in 2018 when I got 16GB in 2013. Because of the slow change in Intel revs, I’m probably better off cracking open my 2010 iMac and putting in an SSD.

Hey, thanks for taking me back and explaining how it was “back then”. I miss the late 90’s back then when I spent $800 on several hundred megabytes of 10,000 rpm Cheetah SCSI drive, and had that thing screwed in within 5 minutes.

The bottom line is you will basically live with your Apple hardware as you bought it for 5-10 years. Better buy at the proper Intel revision and get the upgrades at purchase. That 1 port on your new MacBook Pro won’t go far