While we were getting worried about Signal’s notifications leak, POPSS was quietly making almost every major operating system vulnerable – because of poor documentation.
vulnerability
Frustrated by the lack of information in Apple’s security release notes? You’re not alone. Over the last year, they have become almost worthless.
High Sierra 10.13.4 may have stopped leakage of APFS encryption passphrases, but that is only a small part of an accident chain going back many years.
I wrote yesterday that macOS High Sierra 10.13.4 finally fixes the leakage of APFS encryption passphrases into the […]
The latest update to High Sierra, bringing it to 10.13.4, does fix the bug discovered by Sarah Edwards […]
Did Apple keep quiet for more than 3 months about the leak of encryption passphrases into High Sierra’s log files?
I previously described a serious vulnerability in macOS High Sierra versions to 10.13.1 which was discovered by Sarah […]
How good is the new unified log’s privacy? Does it live up to Apple’s goal of designing privacy into the system, or is it easily beaten? And how did passwords leak into the log?
Congratulations to Sarah Edwards for unearthing a security vulnerability in macOS 10.13 High Sierra, in which copies of […]
Apple has today released another Supplemental Update to macOS High Sierra 10.13.3, apparently just to fix a security […]