Introduced two years ago, APFS (Apple File System) is an optimized file system for flash and SSD-based storage solutions running MacOS, iOS, tvOS or WatchOS, and promises strong encryption and better performance.
“Why is this a big deal?
The password for an encrypted APFS volume can easily be retrieved by running following simple ‘newfs_apfs’ command in the terminal:
log stream –info –predicate ‘eventMessage contains “newfs_”‘
However, this bug is not as stupid as the previously disclosed root password bug wherein the password hint section was exposing the actual password in the plain text.
Though the exact reason of the programming error is not clear, the researcher believes “it was likely a result of other APFS encryption related bugs (or at least somehow related to it), so perhaps Apple felt it didn’t need to provide the additional details.”
Edwards tested and found the bug affects only macOS 10.13 and 10.13.1, while later versions of macOS High Sierra (including the latest one) have somehow reportedly fixed this loophole.
For more technical details of this bug, you can head on to the original blog post by Edwards.
This issue is the third APFS bug in past six months affecting Apple’s latest macOS High Sierra version.
The operating system has seen a number of security issues since its release—from giving away root access to anyone without a password to revealing passwords in plaintext from the password hint feature.