Apple’s latest Mac operating system, macOS High Sierra seems to have a lot of bugs. Previously, it was discovered that the macOS High Sierra bug allowed anyone to gain Mac root privileges because the user could enter a blank password to log in directly to the root account. In addition, another security bug allows users to directly access an encrypted APFS external hard disk.
The security vulnerabilities discovered this time is just as serious. Only simple terminal commands are needed to see the password in macOS 10.13.1. Fortunately, this issue has been fixed in the latest version of macOS High Sierra.
After converting unencrypted APFS to the encrypted APFS file system, this bug still exists. However, converting non-APFS to APFS and then encrypting this bug will not happen. In the macOS 10.13.1 system, you only need to use the following command in the terminal application to see the clear text password.
log stream –info –predicate ‘eventMessage contains “newfs_”‘
Source, Image: mac4n6
