Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
@Floydian at least don’t have a single file that controls whether you can get complete access to a machine. The whole company is highly fucking questionable.
@Floydian oh right yeah, fair point. This way, even the janitors can see what’s on my computer.
The amount of times I've been tempted to add firmware passwords to the demo Macs at my local iStores and then reset their admin account passwords so they can't do anything about it...
Why does the FBI even bother asking Apple to put a back door into their devices when it already comes with backdoors?
natriumpt33yWell, if your partition is not encrypted (e.g. using FileVault) then any low level code will be able to access the contents of the filesystem, ignoring user permissions.
Not having the disk encrypted is always subject to other attack vectors such as removing the disk and connecting it to another machine, or booting your Mac (or PC) with an USB drive with a live os to copy whatever.
But I guess it's easier to blindly bash a company. ¯\_(ツ)_/¯
@natriumpt do you even read anything? I’m not blindly bashing a company, I’m bashing them with good reason.
They have a system that lets you delete a single file and get admin access within two minutes. That’s been there for years by the way. Neither FileVault nor firmware passwords are the default option, so if you’re an average consumer you won’t set it up.
If ranting about issues like that seems like “blind bashing” to you then idk what else to say.
natriumpt33y@thealex sorry, indeed I was a bit blunt on that comment, didn't mean to offend.
That kind of access is due to the fact that you can access the shell without any assistance. Yes, it's easier, but just because it's not as easy to do it on other platforms, doesn't mean it's a bad feature.
You can do it on Windows, for instance, by going into safe mode. It allows you to login to the usually disabled root account. And it takes the same time!
That's just security through obscurity. If you know how to do it, why would other barriers (like having to boot from a USB) be placed?
FileVault was actually a default option between 2 versions (and then got disabled again because users complained about performance and losing files when forgetting the password).
Users should be educated, encryption should be on by default if you set a password, just like it is on the mobile platforms (iOS and Android).
@natriumpt No offence taken.
Users need more education, I agree with that. The amount of people that take pride in saying “I don’t know how to use a computer” is much higher than it should be at this point in time.
The problem is that if you ask most users “do you want to enable FileVault” or “do you want your disk encrypted”, you just get a confused face as a response. Users should definitely be more educated - as in, a slow down due to FileVault doesn’t mean it’s bad, it means it’s working. And that encryption is hella important.
Of course there’s always a way to get in. Computers are built by humans, and humans make mistakes. I just think that it should be harder than holding down a key combination and deleting a single file...