31
thealex
7y

Ok wtf? How is it that I can give myself admin access to almost any Apple computer just by turning it on, holding down two keys, and then removing one file called “.AppleSetupDone”, without any kind of authentication? And I get access to all of the data on the device too. Within two minutes of having physical access to the computer.

This is a company with millions of devices in use, why is this even possible? And the only way to prevent it is to have a firmware password, which, by the way, is not a default option...are you serious

Comments
  • 4
    @Floydian at least don’t have a single file that controls whether you can get complete access to a machine. The whole company is highly fucking questionable.
  • 3
    @Floydian oh right yeah, fair point. This way, even the janitors can see what’s on my computer.
  • 4
    The amount of times I've been tempted to add firmware passwords to the demo Macs at my local iStores and then reset their admin account passwords so they can't do anything about it...
  • 2
    Why does the FBI even bother asking Apple to put a back door into their devices when it already comes with backdoors?
  • 1
    Well, if your partition is not encrypted (e.g. using FileVault) then any low level code will be able to access the contents of the filesystem, ignoring user permissions.

    Not having the disk encrypted is always subject to other attack vectors such as removing the disk and connecting it to another machine, or booting your Mac (or PC) with an USB drive with a live os to copy whatever.

    But I guess it's easier to blindly bash a company. ¯\_(ツ)_/¯
  • 0
    @natriumpt do you even read anything? I’m not blindly bashing a company, I’m bashing them with good reason.

    They have a system that lets you delete a single file and get admin access within two minutes. That’s been there for years by the way. Neither FileVault nor firmware passwords are the default option, so if you’re an average consumer you won’t set it up.

    If ranting about issues like that seems like “blind bashing” to you then idk what else to say.
  • 1
    @thealex sorry, indeed I was a bit blunt on that comment, didn't mean to offend.

    That kind of access is due to the fact that you can access the shell without any assistance. Yes, it's easier, but just because it's not as easy to do it on other platforms, doesn't mean it's a bad feature.

    You can do it on Windows, for instance, by going into safe mode. It allows you to login to the usually disabled root account. And it takes the same time!

    That's just security through obscurity. If you know how to do it, why would other barriers (like having to boot from a USB) be placed?

    FileVault was actually a default option between 2 versions (and then got disabled again because users complained about performance and losing files when forgetting the password).

    Users should be educated, encryption should be on by default if you set a password, just like it is on the mobile platforms (iOS and Android).
  • 0
    @natriumpt No offence taken.

    Users need more education, I agree with that. The amount of people that take pride in saying “I don’t know how to use a computer” is much higher than it should be at this point in time.

    The problem is that if you ask most users “do you want to enable FileVault” or “do you want your disk encrypted”, you just get a confused face as a response. Users should definitely be more educated - as in, a slow down due to FileVault doesn’t mean it’s bad, it means it’s working. And that encryption is hella important.

    Of course there’s always a way to get in. Computers are built by humans, and humans make mistakes. I just think that it should be harder than holding down a key combination and deleting a single file...
  • 0
    @ArcaneEye true. Computers are not without faults, you can always get in if you know where to look. But it should be much harder than holding down two keys and then deleting a single file imo.
Add Comment