Root Access Vulnerability in macOS High Sierra

As reported by Juli Clover for MacRumors and numerous other sites:

The bug, discovered by developer Lemi Ergin, lets anyone log into an admin account using the username “root” with no password. This works when attempting to access an administrator’s account on an unlocked Mac, and it also provides access at the login screen of a locked Mac.

We verified that on macOS High Sierra 10.13.1, the “root” user is enabled by default with a blank password. For comparison, OS X El Capitan has the “root” user disabled by default.

UPDATE:
We verified that previous versions of macOS/OS X/Mac OS X have the “root” user disabled by default.

This is similar to the enabled-by-default-with-blank-password “administrator” accounts in Windows XP.

With the “root” user enabled by default with a blank password, a remote attacker can potentially compromise Macs running macOS High Sierra.

Having said all that, anyone with physical access and the right knowledge can reset a local user's password.

WordPress 4.9 “Tipton”

From WordPress.org:

Version 4.9 of WordPress, named “Tipton” in honor of jazz musician and band leader Billy Tipton, is available for download or update in your WordPress dashboard. New features in 4.9 will smooth your design workflow and keep you safe from coding errors.

I first thought: “Tipton, Glenn Tipton.”
By the way, when are they going to get to “Van Halen”?
If only I were the one in charge of naming WordPress…

Time to get your WordPress updated, again.

WPA2 Wi-Fi Vulnerability

This just in.

From BleepingComputer:

Mathy Vanhoef, a researcher from the University of Leuven (KU Leuven), has discovered a severe flaw in the Wi-Fi Protected Access II (WPA2) protocol that secures all modern protected Wi-Fi networks.

The flaw affects the WPA2 protocol itself and is not specific to any software or hardware product.

Vanhoef has named his attack KRACK, which stands for Key Reinstallation Attack.

Yikes!

Also from BleepingComputer:

List of Firmware & Driver Updates for KRACK WPA2 Vulnerability

Ernie Ball: The Hetfield + Hammett Experience

This is something that I’ve been meaning to post for two weeks. Finally I get to pick up a few packs of Ernie Ball strings at a local Guitar Center. I am working on a few guitars this week.

From Metallica:

What do James and Kirk do when they’re not on tour?  Hang out at HQ!  And now you have the chance to hang with them!  In conjunction with our friends at Ernie Ball, makers of fine guitar strings and instrument accessories, three lucky winners will be coming to the San Francisco Bay Area to spend the day with James and Kirk at HQ AND get their choice of a Hetfield or Hammett Signature ESP Guitar.

Head to www.ernieball.com/metallica for more details.

AppleCare+ for iPhone X carries a $199 price tag.

iPhone X is available for Pre-Order on Friday, October 27, 2017 and delivers on Tuesday, November 3, 2017.

iPhone X itself starts at $999.00 for the 64GB model and $1,149.00 for the 256GB model. The AppleCare+ for iPhone X is priced at $199.00, $50 higher than iPhone 8, iPhone 7 and iPhone 6s AppleCare+.

Live from Steve Jobs Theater at Apple Park, It’s Tuesday Morning!

Apple is set to hold its first event at the Steve Jobs Theater at Apple Park today, September 12, 2017.

With the recent leaks, one can only wonder if Apple would have any surprises at all. According to an Apple employee who is definitely not Phil Schiller (@pschiller), *wink-wink*, there is one definite surprise for the event. There are some who call it a “preview”.

Apple will be streaming the event live at Apple.com and Apple TV.