Nov 29th, 2017
This week, a major flaw was discovered in Apple’s latest OS, High Sierra, also known as macOS 10.13.x. The flaw allows ANYONE with physical access to your computer to have root level access (also known as “God access”) to your Mac. That means having access to all data on your Mac, even those which are password protected. Making matters worse, the flaw also affects the use of OSX's guest user account.
This is easily the biggest misstep by Apple’s software team in years, by my estimation. While the problem affects anyone who ever leaves their computer out, it especially impacts those who use Mac desktop computers.
This discovery is, simply put, a massive oversight on Apple’s part, so I have no doubt that engineers at Apple are scrambling right now to issue a patch. They’ll deliver one quickly of course, but until then, the quickest way to temporarily fix the problem is to:
Set a root user password
Disable use of your Mac’s guest account
I’ll walk you through the process now. However, please note: this fix is ONLY for those of you with Macs running Apple’s newest OS, High Sierra, 10.13.x. Older Apple OS releases are considered safe at this time.
Part One: Setting a Root User Password
The easiest way to explain this is with a video. Note: the shortcut to using Spotlight is to hold down the key and then press the spacebar. Once you’ve done that, the rest of the video is easy to follow.
Please note: this video explains two, different methods to fix the same flaw and there’s no need to use both solutions it offers. My advice: stick with the first part, the part that covers using the Directory Utility app in the macOS graphical user interface (or “GUI”). Part two of the video goes into command line mode on the Terminal application and is best left to those of you who already know and understand the UNIX, operating system.
Just a reminder: remember to add your root user password to whatever password manager application you currently use. I use LastPass because it’s #AwesomeSauce but there are any number of other fine apps on the market. Pick one and make sure you don’t lose your new root user account password.
Part Two: Disabling Guest User Access
So, OK, now that you’ve changed your root user account password, you’ll want to disable Guest User Access. Here’s a video of how that process works:
Part Three: Restart Your Mac
When the above two tasks are complete, restart your Mac. It’s a good thing to do at least once a week anyhow to help flush out caches and give your Mac a nice refresher. And that's it! You are now protected until Apple releases a patch. A short installment, but a required one, given today’s unfortunate news. Stand by for updates on this bug from me and Apple.
Part Four: A Holiday Gift Pitch
In the meantime, I want to make a quick pitch for my new book: Screw the Cable Company! For those of you who are interested in Cord-Cutting — otherwise known as canceling your cable TV and getting all of your entertainment from the internet — you will love this book! It's funny, easy-to-read (even for beginners) and inexpensive. I rarely push my own paid content, but this project took over three years to write and is chock FULL of amazing tech solutions to help you save money and get all of your entertainment using 100% legal methods. Click the link above or the pic below to visit the site and make a purchase that you can download to any computer or eReader.
If you liked what you read today, please: feel free to forward this email to friends and family. This email & post is a part of my free-to-all series. Only paying members have access to my deeper, paid newsletter and archives.