Stephen Hawking memorial under way at Westminster Abbey
Farmer, ethanol producers rally during EPA chief's visit
Astronomers See Distant Eruption as Black Hole Destroys Star
Satellites used to track vanishing Antarctic ice
Antarctic Ice Melt Is Accelerating Rapidly
Another password flaw has been discovered in Apple's MacOS
12 January 2018, 06:08 | Dale Webster
macOS App Store Preferences Open With Any Password
As has been revealed, the bug affects macOS, version 10.13.2 but can't be reproduced with version 10.13.3. The folks at MacRumors report they were able to successfully bypass the real password by following the above steps on an administrative account, but were not able to trick any other System Preferences login prompts with a bogus password.
While those settings leave limited options for malicious activity, a threat actor could set up additional attacks by preventing the machine from automatically downloading and installing necessary updates, including those that patch security flaws.
According to the bug report, users can simply open System Preferences, go to App Store settings and check the padlock icon. Users of macOS High Sierra 10.13.2 can unlock Setting Mac App Store (MAS) using any string of text for a password, allowing anyone to change your MAS settings.
Assuming the attacker would be able to gain such access, they would still only be able to change the user's preferences in the App Store.
The bug is nowhere near as unsafe as the root-access security flaw that was uncovered a year ago, whereby attackers could gain root access to MacOS computers by typing "root" in the username field and leaving the password field blank. Enter any username and password you want and press Unlock and the App Store system preferences will become unlocked. Apple later fixed the issue with a security update. That bug allowed users to log into a system by typing "root" for a login, then hitting enter for a login attempt several times in a row.
'We greatly regret this error and we apologize to all Mac users, ' Apple said in a statement at the time.
Thankfully, it seems that the bug has been patched in macOS 10.13.3, but that version is still in beta. Our customers deserve better. Macrumors states that it can not reproduce the error on the beta versions of macOS 10.13.3, suggesting it'll be fixed in an upcoming release. Maybe Apple already got aware of the loophole and applied the fix.
Lexington Realty Trust (LXP)
The market capitalization (Stock Price Multiply by Total Number of Outstanding Shares) for the company is reported at $2.24B. It worsened, as 55 investors sold ABBV shares while 640 reduced holdings. 56 funds opened positions while 167 raised stakes.
Samsung Galaxy S9 Retail Box Leaked
Samsung is expected to unveil its next flagship smartphone, the Galaxy S9 , next month in time for the Mobile World Congress . Thanks to the leaked retail box, we now know that the device will come with a 5.8-inch form factor and a 5.6-inch display.
Panthers finalizing deal with Norv Turner as OC
Rivera and Turner have a history together, so it's not surprising that Ron ultimately made a decision to give Norv the job. In the two years since his MVP campaign in 2015, Newton has thrown just 41 touchdowns while tossing 30 interceptions.
Vivo Launches First In - Screen Fingerprint Scanner
For all the phone enthusiasts out there, the best and the most exciting news is that this technology exists, and it works. It is just a bit slower than what you might be used to from a traditional fingerprint scanner , but not much slower.
India's Infosys profits soar after TCS slide
We had 8 per cent year-on-year growth and 24.3 per cent operating margin with $593 million of free cash flow". Revenues are expected to grow 2.1%-3.1% in INR terms based on the exchange rates as of December 31, 2017.
James, Curry lead NBA All-Star voting
Coaches will then choose the reserves and the two top vote-getters from each conference get to pick their teammates from the pool. The fan vote makes up 50 percent of the overall vote for the All-Star Game, which is scheduled February 18 in Los Angeles.