macOS May Lose Data Due to APFS Filesystem Bug

[Galdorf]

Wow god thing i only have pc's

macOS May Lose Data Due to APFS Filesystem Bug

 

[Archon Prime]

I'm not too worried about it. Apple will get that patched up.

 

[phaZed]

Apple

I'm not too worried about it. Apple will get that patched up.

LOL, ya, like they patched the password (or, no password!) problems 3 times now. Or, it's like the constant problem with special characters killing their OS via a text message, like the newest one "Indian Telugu Character".

If these things happened on Windows there would be mass conversations of switching platforms.

 

[Markverhyden]

Basically sparse disk images are used with Time Machine or other virtual disk situations.

 

[cyabro]

If these things happened on Windows there would be mass conversations of switching platforms.

Hmmm like the latest issue with updates stopping keyboards and mice from working?

 

[phaZed]

Hmmm like the latest issue with updates stopping keyboards and mice from working?

I mean, ya, you're right.. that is also not acceptable. At least in this particular case you can roll-back KB4074588 which had specific changes to HID devices.
Personally, I give quite a bit of lenience to the task of compatibility - supporting thousands of devices and chipsets, etc.

Fundamental flaws such as authentication-free root accounts and arguably flawed proprietary file-systems, one-char text messages that lock up the OS/proggies with buffer overflows, is on another level, IMO.
Could you imagine NTFS or GVFS being broken in the same manner? The outcry, O.M.G. "You're data is not safe on PC's!" would be Apple's next Ad on TV. If MS had a no-password "logic error" and released it in the mainstream channel.. it would be an epic fail on the same scale as Windows 98 blue-screening on PNP during the Live Demo - a 20-year meme of shame, lol!

Now, imagine Microsoft releases 3 subsequent fixes for a simple, "no password works every time as root" issue: "What!? You couldn't test the damned thing 3 F'in times to make sure the password works first!?? Da hell!"
For Apple, they have like what? Three sets of hardware to test compatibility on?

They'll get it fixed, no doubt, so don't throw your half-eaten Apple out just yet. In the same vein though, MS fixes their core products pretty good too, given enough time and customer-driven motivation.

 

[Alexey]

Could you imagine NTFS or GVFS being broken in the same manner?

Actually, yes. There were bugs with NTFS, although not many. Maybe not quite "in the same manner", so there was no permanent data loss (at least not that I can recall). That was quite a while ago, when NTFS was new, and especially when NTFS/EFS was new, but I will argue that APFS is still new now.

I would imagine that FAT32 with its designated free space counter may behave the same way (as this APFS case, reporting more free space than is actually available) if the free space counter get unsynchronized.

 

[timeshifter]

meh...

You guys that don't know or support Macs just glance at the headline then pat yourself on the back for all of your Windows knowledge and hatred for all things Apple. Those of us who handle both platforms appreciate the lack of competition

But, be sure to read the entire article. I'll give you my take on it...

• APFS is an entirely new file system format that just shipped last fall with the macOS High Sierra operating system release (think NTFS in 1994 for example)
• If the hard drive in your Mac is formatted using the new APFS or any other attached drive is using that format - you are not affected by this possibility
• Only those who are using a disk image are potentially affected by this (think .zip or .vmdk) and not all of those will encounter this. Even the dev who reported says only a small percentage of his users use their software this way.

Not much to see here really, but it is fun to see all the uninformed Apple hate.

 

[phaZed]

You guys that don't know or support Macs just glance at the headline then pat yourself on the back for all of your Windows knowledge and hatred for all things Apple. Those of us who handle both platforms appreciate the lack of competition

Lol, wait until they drop an Apple store near you.. you won't be appreciating the lack of competition then.

Not much to see here really, but it is fun to see all the uninformed Apple hate.

You kinda sum up what happens: Apple F's up and it's 'not much to see here'. MS changes their Start menu and it's Linux time!

 

[Alexey]

If MS had a no-password "logic error" and released it in the mainstream channel.. it would be an epic fail on the same scale as Windows 98 blue-screening on PNP during the Live Demo - a 20-year meme of shame, lol!

Recall that? https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2000/ms00-072

Bascially you could read and write any share on Windows 95/98/ME series machine by sending 1-character password to it. Brute force essentially required 36 or so attempts. And that was exploitable over network, not locally.

 

[phaZed]

Recall that? https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2000/ms00-072

Bascially you could read and write any share on Windows 95/98/ME series machine by sending 1-character password to it. Brute force essentially required 36 or so attempts. And that was exploitable over network, not locally.

Ya, 20 years ago in a time when the internet was barely out of infancy and into toddler stage. Security was barely a focus in those days. Home Networking was just getting away from token rings!

That's quite a different story than the one we're talking about today, in the internet age full of constant threats.

It's not that I'm hating on Apple, I simply give them their fair share of hate along with MS and whoever else deserves it. Apple shouldn't get an automatic pass for stupidity/incompetency, simply because "Apple".

The likes of Metasploit have proven an effective tool to bypass Mac's OS on many occasions (Rootpipe, VNC Desktop sessions w/ no authentication). It bypasses Windows, too. But I'm not going to defend either.

 

[timeshifter]

Apple has had a few whoppers over the last couple of months. This APFS disk image bug isn't one of them.

 

[Alexey]

internet age full of constant threats.

I have the impression that MacOS root password vulnerability was local, not network, is it not so?

 

[phaZed]

I have the impression that MacOS root password vulnerability was local, not network, is it not so?

In large part, that is correct. However, if the user is running any software that is "on the web" or "on the LAN" and that software uses the Users & Groups functionality of the OS for authentication, it's *was* just as vulnerable. See vulnerability CVE-2017-13872

 

[phaZed]

Apple has had a few whoppers over the last couple of months. This APFS disk image bug isn't one of them.

Ah, you're probably right. Considering that since 2006 Apple has had consistent issues with "free space" and "sparse disk image" reporting (or lack of) the incorrect sizes and corrupting in the event it fails... Ah, who needs Virtual Disk Images anyways! What's to fix!?

Dave Nanian (Author of SuperDuper! and netTunes; his blog Shirt Pocket, here)

This looks to be another manifestation of a problem we've known about for years (and documented in the User's Guide back in 2006): when an image can't grow, whether due to disk full errors, or because the host volume doesn't support large files (eg FAT32/EXT2), writes to that image can fail catastrophically.

12 years later and we're still holding our breath for Apple. Maybe they should just buy Oracle or Microsoft - their disk images seem to work OK. Then we can call the hostile takeover "innovation."

Again, if Windows Server or Linux was having Virtual Disk Image problems in this way, the sky would be falling.