Introduced ii years ago, APFS (Apple File System) is an optimized file arrangement for flash in addition to SSD-based storage solutions running MacOS, iOS, tvOS or WatchOS, in addition to promises potent encryption in addition to meliorate performance.
Discovered yesteryear forensic analyst Sarah Edwards, the põrnikas leaves encryption password for a newly created APFS book (e.g., encrypting USB effort using Disk Utility) inward the unified logs inward plaintext, likewise equally piece encrypting previously created simply unencrypted volumes.
"Why is this a big deal? Well, passwords stored inward plaintext tin flame move discovered yesteryear anyone alongside unauthorized access to your machine, in addition to malware tin flame collect log files likewise in addition to mail them off to somebody alongside malicious intent," Edwards said.
log flow --info --predicate 'eventMessage contains "newfs_"'However, this põrnikas is non equally stupid equally the previously disclosed root password bug wherein the password hint department was exposing the actual password inward the apparently text.
Though the exact argue of the programming fault is non clear, the researcher believes "it was probable a lawsuit of other APFS encryption related bugs (or at to the lowest degree somehow related to it), hence mayhap Apple felt it didn't necessitate to furnish the additional details."
It should move noted that you lot would non detect the password inward the plaintext when converting a non-APFS effort to APFS in addition to and then encrypting the drive.
Edwards tested in addition to constitute the põrnikas affects solely macOS 10.13 in addition to 10.13.1, piece afterward versions of macOS High Sierra (including the latest one) convey somehow reportedly fixed this loophole.
For to a greater extent than technical details of this bug, you lot tin flame caput on to the master copy giving away root access to anyone without a password to revealing passwords inward plaintext from the password hint feature.
