[samplonius]

Anything that uses clear-text passwords has been removed. That is a very clear red-line. Also, anything that uses weak encryption, like P2PTP has also been removed, but a few versions ago. And the ssh defaults are tightened up almost every point release. As soon as a cipher becomes known as "weak", Apple pulls it.

[__david__]

And yet we still get a 11 year old version of Bash. :-)

[simonh]

Of course, but th We are all system components. The comment was referring to user installed applications and preventing no that if they are insecure. How is the system supposed to know that a user installed application uses clear text passwords?