Tag Archives: Mac OS X

The Apple Spectre + Meltdown Patches Detailed!

Within a week after the Meltdown and Spectre exploits were revealed, the first Apple Spectre patches were introduced. And Apple has finally released their next slew of patches that will help protect Apple computers against Meltdown and Spectre.

There has been some confusion about what was “fixed” in which patch. In this article, we will share with you exactly which mitigations were introduced in which OS X update. As usual, we will update this article, as and when new Apple Spectre or Meltdown patches are released.

 

The Apple Spectre + Meltdown Patches

macOS High Sierra 10.13.2 Supplemental Update

Date Of Introduction : 8 January 2018
Operating System Patched : macOS 10.13 High Sierra
GPZ Variant Addressed : Spectre 1 and 2 (CVE-2017-5753 and CVE-2017-5715)

The first known update was the macOS High Sierra 10.13.2 Supplemental Update. It introduced a number of mitigations against the two Spectre variants (CVE-2017-5753 and CVE-2017-5715). Specifically, several security improvements were made to Safari and WebKit.

After updating, Safari will be upgraded to version 11.0.2 (13604.4.7.1.6) or version 11.0.2 (13604.4.7.10.6).

 

Security Update 2018-001 Sierra


Date Of Introduction : 23 January 2018
Operating System Patched : macOS 10.12 Sierra
GPZ Variant Addressed : Meltdown (CVE-2017-5754)

This security update patched all versions of macOS Sierra against the Meltdown exploit (CVE-2017-5754).

 

Security Update 2018-001 El Capitan

Date Of Introduction : 23 January 2018
Operating System Patched : OS X 10.11 El Capitan
GPZ Variant Addressed : Meltdown (CVE-2017-5754)

This security update patched all versions of OS X El Capitan against the Meltdown exploit (CVE-2017-5754).

 

Outstanding Apple Spectre + Meltdown Patches

From what we understand, these are the likely Apple Spectre and Meltdown patches that are still outstanding, and will eventually be released :

  1. A Meltdown patch for macOS High Sierra
  2. Spectre mitigation patches for macOS Sierra and OS X El Capitan
  3. EFI firmware updates for various Mac computers

We will update this article, as and when new Apple Spectre or Meltdown patches are released.


 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

The Alibaba DingTalk App Features & Details Revealed!

The Alibaba Group is taking their DingTalk enterprise communication and collaboration platform worldwide. DingTalk CTO, Hugo Zhu and their Head of Global Business Development, Chris Wang, flew in to demonstrate how DingTalk will help businesses small and large improve their staff communication and collaboration.

 

What Is DingTalk?

Alibaba created DingTalk in January 2015 as a proprietary enterprise communication and collaboration platform that enables text, photo, voice and video communication, workflow management and collaboration among team members and enterprises of various sizes. More than 5 million companies and organizations are currently using it in China.

 

DingTalk Security

As a Chinese app targeted at enterprises, Alibaba is eager to assure users of the security of the DingTalk platform. It features end-to-end 256-bit AES encryption over SSL/TLS connections. It is also one of the first Chinese apps to have obtained the ISO/IEC 27001:2013 standard.

Enterprises that require additional security can opt for third-party encryption services that will provide assurance that the messages and data sent or shared on DingTalk cannot be accessed, even if their servers are compromised in any way.

 

DingTalk Communication Features

  • Phone / Chat: DingTalk can support up to 3,000 members in a single group chat.
  • Voice Conferencing: Multi-party participation with ease of clicking a button on the group chat for up to 50 people. Voice service is currently only available via VoIP for users outside of China.
  • Video Conferencing: High-definition video conferencing equipment for up to 16 parties, view conference status at a glance and easily switch between training and discussion mode, supports both desktop and file sharing. Video service is currently only available via VoIP for users outside of China.
  • Ding Mail: Effective email messaging and receive email notifications in chats. Ding Mail makes email messaging more like chats instead of threads.
  • Organization Chart: View organization’s structure at a glance, find people and contacts with ease.
  • Read/Unread Status: All types of messaging display read / unread statuses for improving communications efficiency.
  • Secret Chat: Send a traceless secret message for ultimate privacy and protection. Once read, the message automatically deletes itself after 30 seconds. No Copy & Paste is allowed during Secret Chat mode. Both profiles within the Secret Chat are masked, hence the identities remain concealed.

 

DingTalk Office Automation Features

  • Attendance: User-friendly and smart Clocking-In and Out system, automatically generates attendance reports, approvals for business trips and leave are automatically.
  • Approvals: all your workplace tools in one place – requests for leaves, applications for business trips or reimbursements at the convenience of your phone. Recommended process templates are provided for each industry. Approval functions lets you view pending applications, keep track of all your approved applications and submit your own applications for approval.
  • Ding Drive: quick and easy file collaboration, integrated company chats, making sharing files between colleagues even easier. Easy and sharable files between companies through your external contacts or keep files only accessible to employees. Free storage for every registered organization. Different permission settings available in regular chats, private chats or organization chats.
  • Check-In: More of a field-force feature. NO setup is required and it captures all check-in records in one report.
  • Log: View work reports from previous days, weeks or months to help identify problems
  • Announcement: Announcements can be made within your department / organization. Members will receive notifications once announcement has been posted.

 

DingTalk Collaboration Features

  • DING Message: Send important messages via SMS, phone or in the app ( DING message via phone is only available for a few customers and the function is available only to a “White List” of users and is not available to the general public)
  • DING Tasks: create and assign work tasks in seconds
  • DING Meetings: Book offline meetings, video conferences and conference calls (voice and video services are currently only available via VoIP for users outside of China)
  • External Contacts: Batch add from Phone Contacts / import from PC, Add manually or Scan Business Card to add external contacts to your DingTalk. Under the Scan Business Card function, all you need to do is scan the business card and all information will be automatically extracted and saved under External Contacts.
  • Hot Line: Local hotline number for customers in Malaysia is +603 20929588
  • Field Support: When required, DingTalk’s local team will provide onsite deployment service or training for organizations and companies.

 

DingTalk Smart Office Devices

Enterprises, small and large, can further leverage the capabilities of DingTalk with the addition of these DingTalk Smart Office Devices :

  • With the C1 Smart Wi-Fi Router, users can complete the 4-step configuration in 5 minutes. With one-click setup and seamless roaming, the router enables smart network traffic control and supports up to 256 devices.
  • Besides screen sharing between offices powered by DingTalk, users can also use D6 Wireless HD Projector or V1 Wireless Portable Projector for presentation.
  • DingTalk enables enterprises to conveniently record attendance in the workplace and at external meetings with the M1 Finger Print Attendance Machine and M2 Facial Recognition Smart Receptionist.

 

DingTalk Price & Availability

Originally designed as a Chinese app, DingTalk is now available as an English app in Google Play Store, and the Apple App Store. It is also available on the desktop for Windows and Mac systems.

The native features of DingTalk are FREE for all enterprises to use, irrespective of their size. Optional third-party, or value added services (e.g. additional Ding Drive storage) may be applicable.


The macOS High Sierra Root Bug Explained! Rev. 2.0

The Internet is abuzz with the shocking revelation that now everyone can hack an Apple computer… as long as it’s using the latest macOS High Sierra operating system. Let us explain what’s going on, and share with you the workaround for the macOS High Sierra root bug.

Updated @ 2017-11-30 : Added a new section on the Apple bug fix (Security Update 2017-001) [1], and additional information on the root bug [2].

Originally posted @ 2017-11-29

 

What Is Root User?

If you are the primary user of a MacOS X system, you have an administrator account with administrator privileges. This gives you more privileges and access than a standard user account. However, that is not the highest access level possible.

There is a Mac superuser account called “root” that gives you elevated read and write privileges to hidden or protected areas of the system. With the Mac root user account, you can even access files in other user accounts.

In fact, it gives you such God-like powers, you can modify or even delete critical system files. In fact, a Mac root user can use the rm -rf * command to delete the contents of every mounted drive in the computer, until macOS crashes when a crucial file or folder is deleted.

So this Mac root user account should remain disabled unless you really, REALLY need to use it.

Suggested Reading : The Mac Root User Login & Password Guide

 

The macOS High Sierra Root Bug Updated!

On Tuesday, 28 November 2017, Turkish software developer Lemi Orhan Ergin revealed the macOS High Sierra root bug. With a few simple steps, anyone can gain elevated root user privileges in any computer running macOS High Sierra! Here is a summary of what we know about the root bug :

  1. The root bug exploit requires a computer running macOS High Sierra, with multiple user accounts.
  2. When prompted for a username and password, use these steps to gain root user access without any password :
    • Type “root” as the username and leave the password field blank.
    • Just click “Unlock” twice.
  3. The root bug cannot be exploited remotely, unless screen sharing is enabled.
  4. The root bug was introduced in macOS High Sierra 10.13.1. Earlier versions of macOS were not affected.
  5. Apple confirmed that the bug was due to “a logic error… in the validation of credentials”.
  6. Apple also confirmed that the bug would allow an attacker to “bypass administrator authentication without supplying the administrator’s password”.
  7. Several security researchers successfully replicated the bug.

 

How Serious Is This Root Bug?

The macOS High Sierra root bug is EXTREMELY serious, because it allows a hacker to easily bypass all of the macOS operating system’s security protections.

It doesn’t matter if you encrypted your computer, and secured it with an extremely long and complex password. Anyone who gains root user privileges using this bug can access (read, copy or move) the files in any user account (even those of an administrator) without knowing the password.

What’s even more troubling is that the root bug works even with a disabled root user account. This means the vast majority of Apple computers running on High Sierra are compromised, as the root user account is disabled by default.

 

How To Fix The Root Bug?

Unlike other security researchers, Lemi Orhan Ergin did not forewarn Apple before publicly revealing the bug, on Twitter no less. He basically exposed a zero-day vulnerability for hackers to use, while Apple rushes to fix the bug.

1. Install macOS Security Update 2017-001 New!

Apple just released Security Update 2017-001. This update will remove the root bug and improve credential validation. INSTALL THIS UPDATE NOW!

Note : This bug fix will reset and disable the root user account.  If you need to use the root user account, you will need to re-enable it, and change its password, after applying the update.

Note : Apple rushed out this update so quickly that they accidentally used a space instead of the version number. You can read more about this in our article – Apple Rushed Out macOS Root Bug Fix & It Shows…

This is not an issue if you are downloading the patch through the App Store. But if you’re applying the patch via Terminal, you need to add a space.

softwareupdate -i "Security Update 2017-001- "
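
As an added example (not from the original article or from Apple), the script below pulls update labels out of a `softwareupdate -l` listing without losing a trailing space, then prints the quoted install command. The sample listing and its layout are constructed assumptions; only the label `Security Update 2017-001- ` comes from the article.

```shell
#!/bin/sh
# Constructed sample of `softwareupdate -l` output (layout assumed, not
# captured from a real Mac). The label on the "*" line ends with a space.
sample_listing() {
    printf '%s\n' \
        'Software Update Tool' \
        '' \
        'Software Update found the following new or updated software:' \
        '   * Security Update 2017-001- ' \
        '     Security Update 2017-001 ( ), 1024K [recommended]'
}

# Read a listing on stdin and print each update label exactly as listed.
# IFS= keeps `read` from trimming the trailing space; -r keeps backslashes.
update_labels() {
    while IFS= read -r line; do
        trimmed=${line#"${line%%[! ]*}"}   # strip leading spaces only
        case $trimmed in
            '* '*) printf '%s\n' "${trimmed#??}" ;;   # drop the "* " marker
        esac
    done
}

# Succeed when a label ends in a space, the case that is easy to lose.
has_trailing_space() {
    case $1 in
        *' ') return 0 ;;
        *) return 1 ;;
    esac
}

# Build the install command with the label quoted so the space survives.
install_command() {
    printf 'softwareupdate -i "%s"\n' "$1"
}

# On a Mac, pipe `softwareupdate -l` into update_labels instead of the sample.
sample_listing | update_labels | while IFS= read -r label; do
    if has_trailing_space "$label"; then
        echo "note: label ends with a space" >&2
    fi
    install_command "$label"
done
```

A plain `read line` without `IFS=` would trim the trailing space, and the resulting label would no longer match the one the article gives.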

2. Enable Root User With Your Own Password


If you cannot apply Apple’s bug fix yet, you can block this root bug by enabling the root user account, and setting a password for it.

It’s not so straightforward, so we created a step-by-step guide for you – The Mac Root User Login & Password Guide.

3. Use Additional Encryption

Alternatively, you can opt to move your sensitive data to encrypted containers or drives using third-party encryption utilities like VeraCrypt. Hackers may use the High Sierra root bug to gain access to the encrypted containers or drives, but without the correct password, the actual data won’t be accessible.

4. Physically Protect Your Apple Computer

The good news is the High Sierra root bug generally requires physical access to your Apple computer. Until this bug is fixed, you should make sure your Apple computer is never left unsupervised.

Keep it in a locked room or bag, whenever you are not using it. If no one can get to it, they cannot use the bug to gain root access.

5. Disable Screen Sharing

The High Sierra root bug can be exploited remotely if Screen Sharing is enabled. So make sure you disable Screen Sharing.


The Mac Root User Login & Password Guide

Want to have elevated God-like privileges to your Mac OS X system? Then you need to be a Mac root user. In this guide, we will teach you how to enable the root user account in OS X, change the password, and disable it.

For experienced users or power users, you can use Terminal to quickly make these changes :


If you are an inexperienced user, you can use the GUI method, which has more steps but does not require keying in commands.

 

What Is The Mac Root User?

If you are the primary user of a MacOS X system, you have an administrator account with administrator privileges. This gives you more privileges and access than a standard user account. However, that is not the highest access level possible.

There is a Mac superuser account called “root” that gives you elevated read and write privileges to hidden or protected areas of the system. With the Mac root user account, you can even access files in other user accounts.

In fact, it gives you such God-like powers, you can modify or even delete critical system files. So this Mac root account should remain disabled unless you really, REALLY need to use it.

OS X High Sierra currently has a root bug that practically allows root access in a few simple steps. Therefore, Apple advises you to enable the Mac root account, with your own password, until they fix the bug.

Suggested Reading : The macOS High Sierra Root Bug Explained

 

How To Enable The Mac Root User / Change Password (Terminal Method)

Requisite : You need to be logged into an administrator account.

Please note this method is used both to enable the root account, and to change its password. The single command line of sudo passwd root both changes its password and enables the root account.

Step 1 : Click on the Apple menu, and select System Preferences.

Step 2 : Click on Utilities, and select Terminal.

Step 3 : Type sudo passwd root and press Enter.

sudo passwd root

Step 4 : You will be asked for your administrator password, not the new root password. Key in your administrator password and hit Enter.

Step 5 : Now key in the new root password, and hit Enter. Then retype the new root password for verification, and hit Enter.

That’s it! You have successfully enabled the Mac root account, with a password of your choice. To use it, you need to log off your administrator account.


 

How To Disable The Mac Root User (Terminal Method)

Requisite : You need to be logged into an administrator account.

Step 1 : In Terminal, type dsenableroot -d and press Enter.

dsenableroot -d

Step 2 : Key in your administrator password (not the root user password), and hit Enter.

If you succeed, you will see the notification : ***Successfully disabled root user.


How To Enable The Mac Root User Account (GUI Method)

Requisite : You need to be logged into an administrator account.

Step 1 : Click on the Apple menu, and select System Preferences.

Step 2 : Click on Users & Groups.

Step 3 : In the Users & Groups screen, click on the lock and key in your administrator name and password.

Step 4 : Click on Login Options.


Step 5 : Click on the Join… (or Edit…) button next to Network Account Server.

Step 6 : Click on the Open Directory Utility… button.

Step 7 : Click on the lock, and key in your administrator name and password.

Step 8 : In the Directory Utility menu bar, select Edit and click on Enable Root User.

Step 9 : Now, key in the password you want, and a second time for verification, and click OK.

That’s it! You have successfully enabled the Mac root user account, with a password of your choice. To use it, you need to log off your administrator account.


How To Change The Mac Root User Password (GUI Method)

Requisite : You need to be logged into an administrator account, and have the root user account enabled.

If you have just enabled the root user account, and are still in the Directory Utility screen, skip ahead to Step 8.

Step 1 : Click on the Apple menu, and select System Preferences.

Step 2 : Click on Users & Groups.

Step 3 : In the Users & Groups screen, click on the lock and key in your administrator name and password.

Step 4 : Click on Login Options.

Step 5 : Click on the Join… (or Edit…) button next to Network Account Server.

Step 6 : Click on the Open Directory Utility… button.

Step 7 : Click on the lock, and key in your administrator name and password.

Step 8 : In the Directory Utility menu bar, select Edit and click on Change Root Password.

Step 9 : Now, key in the new password you want, and a second time for verification, and click OK.

That’s it! You have successfully changed the Mac root user password. To use it, you need to log off your administrator account.


How To Disable The Mac Root User Account (GUI Method)

Requisite : You need to be logged into an administrator account, and have the root user account enabled.

If you have just enabled the root user account, and are still in the Directory Utility screen, skip ahead to Step 8.

Step 1 : Click on the Apple menu, and select System Preferences.

Step 2 : Click on Users & Groups.

Step 3 : In the Users & Groups screen, click on the lock and key in your administrator user name and password.

Step 4 : Click on Login Options.


Step 5 : Click on the Join… (or Edit…) button next to Network Account Server.

Step 6 : Click on the Open Directory Utility… button.

Step 7 : Click on the lock, and key in your administrator name and password.

Step 8 : In the Directory Utility menu bar, select Edit and click on Disable Root User.

That’s it! You have successfully disabled the Mac root user account.
