Apple Macs Have Yet Another Password-Bypassing Bug

[Harold Newton]

Everything, including the subject line, is verbatim (excepting brackets).

"Apple Macs Have Yet Another Password-Bypassing Bug"
"Apple Mac computers running the latest version of Apple's
High Sierra operating system have a flaw that lets just about
anyone unlock and edit a person+IBk-s App Store preferences with
any password."

"Here are the steps to follow to exploit the hole [as admin].
Open "System Preferences"
Select "App Store"
Click the padlock icon to "lock" it if it is "unlocked".
Click the padlock icon to "unlock" it.
Enter your user name and *any password*."

"After unlocking App Store preferences, a person can tweak
certain password settings, such as the frequency with which
a system asks for a user's password when approving app-related
purchases."

"It's likely the issue will be resolved in a future software update."
<http://fortune.com/2018/01/11/apple-mac-login-app-store-high-sierra-bug/>

[Harold Newton]

On Fri, 12 Jan 2018 05:04:15 +0000 (UTC), Harold Newton wrote:

> "It's likely the issue will be resolved in a future software update."
> <http://fortune.com/2018/01/11/apple-mac-login-app-store-high-sierra-bug/>

Everything below is verbatim from the Bug Report:
<https://openradar.appspot.com/36350507>

Expected Results:
The authorization to fail.

Actual Results:
Authorization succeeds and grants access to change the AppStore preferences.

Version:
10.13.2 17C88

[RJH]

On 12/01/2018 05:04, Harold Newton wrote:
> Everything, including the subject line, is verbatim (excepting brackets).
>
> "Apple Macs Have Yet Another Password-Bypassing Bug"
> "Apple Mac computers running the latest version of Apple's
> High Sierra operating system have a flaw that lets just about
> anyone unlock and edit a person+IBk-s App Store preferences with
> any password."
>

Just about anyone: with access to an unlocked Mac

> "Here are the steps to follow to exploit the hole [as admin].
> Open "System Preferences"
> Select "App Store"
> Click the padlock icon to "lock" it if it is "unlocked".
> Click the padlock icon to "unlock" it.
> Enter your user name and *any password*."
>
> "After unlocking App Store preferences, a person can tweak
> certain password settings, such as the frequency with which
> a system asks for a user's password when approving app-related
> purchases."
>
> "It's likely the issue will be resolved in a future software update."
> <http://fortune.com/2018/01/11/apple-mac-login-app-store-high-sierra-bug/>
>

Yep, replicable here on HS, all updates applied.

--
Cheers, Rob

[Jolly Roger]

On 2018-01-12, RJH <patch...@gmx.com> wrote:
>
> Just about anyone: with access to an unlocked Mac

That's just what the "Apple Apologists" want you to think! ; )

--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR

[Harry Newton]

On 12 Jan 2018 17:27:55 GMT, Jolly Roger wrote:

> That's just what the "Apple Apologists" want you to think! ; )

No, you're wrong.

RJH appears to be a normal sentient logical adult.
a. He read the description
b. He tested it and confirmed the bug
c. And he is updated (and will almost certainly apply the upcoming updates)

That's what logical people do, whose belief system isn't threatened by
facts (good or bad facts).

The Apple Apologists, of which there really are only about a half dozen or
so, (Snit, nospam, Jolly Roger, Lewis, Savageduck, BKonRamp, etc.), are not
normal logical adults.

Most (if not all) are apparently ill educated people who strongly hold a
belief system which is threatened by facts.

Hence, just as many religious fundamentalists outright deny evolution
because it's a fact that threatens the very foundation of their belief
system, the Apple Apologists outright deny any fact that shakes the very
foundation of their belief system.

RJH did not act that way.
He acted like a normal sentient logical educated adult would.
As would I.

[Harry Newton]

On Fri, 12 Jan 2018 08:29:40 +0000, RJH wrote:

> Just about anyone: with access to an unlocked Mac

Yes. I agree. You'll note that while the entire post was verbatim, I
*added*, in square brackets "[as admin]" because the journalists didn't
make that as clear in their quotes.

So thank you for testing the bug, as admin, and reporting back your
confirmation.

Hopefully Apple will update this bug soon.

Every time I see a bug, I try to figure out how it was found, and why it
wasn't caught, and then I try to implement a solution that prevents this
type of bug from slipping through again.

IMHO, Apple needs to do more of that, it seems, given the sophomorishness
of the prior root-password bug. Would you agree?

[nospam]

In article <p3b013$pb8$1...@gioia.aioe.org>, Harry Newton

<harryn...@AlliOSusersJustGiveUp.com> wrote:

> Hopefully Apple will update this bug soon.

it's already been patched.

[Harold Newton]

On Fri, 12 Jan 2018 13:51:09 -0500, nospam wrote:

>> Hopefully Apple will update this bug soon.
>
> it's already been patched.

You say stuff that doesn't appear to be true and you don't reference
anything, so we don't know where you get your idea from that the bug is
closed.

This is the bug report I referenced prior:
<https://openradar.appspot.com/36350507>

As of this moment, it's listed as Status = Open.
<http://wetakepic.com/images/2018/01/12/apple_bug.jpg>

What information do you have (reference please) to the contrary?

[nospam]

In article <p3b1ki$s23$1...@gioia.aioe.org>, Harold Newton

<har...@example.com> wrote:

>
> >> Hopefully Apple will update this bug soon.
> >
> > it's already been patched.
>
> You say stuff that doesn't appear to be true and you don't reference
> anything, so we don't know where you get your idea from that the bug is
> closed.

from apple.

[RJH]

Mmmm - my iMac patched on Jan 8 to 10.3.2, 'no updates vaialable' as of
now, and it's still possible to toggle the App Store preferences lock
with any password.

--
Cheers, Rob

[nospam]

In article <p3b2hh$jic$1...@dont-email.me>, RJH <patch...@gmx.com> wrote:

> >> Hopefully Apple will update this bug soon.
> >
> > it's already been patched.
>
> Mmmm - my iMac patched on Jan 8 to 10.3.2, 'no updates vaialable' as of
> now, and it's still possible to toggle the App Store preferences lock
> with any password.

10.13.3

[Harry Newton]

On Fri, 12 Jan 2018 19:33:05 +0000, RJH wrote:

> Mmmm - my iMac patched on Jan 8 to 10.3.2, 'no updates vaialable' as of
> now, and it's still possible to toggle the App Store preferences lock
> with any password.

RJH,
Did you notice that there appears to be a "second" bug reported within the
first bug in the bug report (which is usually bad practice - but it's what
it is)... but it wasn't reproduced in that report it seems:
<https://openradar.appspot.com/36350507>
"Also there is another bug with these lock/unlock elements in
macOS High Sierra 10.13.2. Steps to reproduce:
1) Log in as a local admin
2) Open Security&Privacy pane from the System Preferences
3) Lock the padlock if it is already unlocked
4) Click the lock to unlock it
5) Enter your password
6) Change user name to ANY.
7) Click to password field to apply changes to user name (one more
little buggy)
8) Press Unlock"

Did you confirm whether that exists also?
Or is that just a spurious comment in the bug report?

[JF Mezei]

On 2018-01-12 14:56, nospam wrote:

>> Mmmm - my iMac patched on Jan 8 to 10.3.2, 'no updates vaialable' as of
>> now, and it's still possible to toggle the App Store preferences lock
>> with any password.
>
> 10.13.3

Duh ! Since current version is 10.13.2 it is obvious the patched one
will be 10.13.3. Doesn't take Einstein to know this. But stating it
doesn't mean it has been released.

Just checked as of 15:32 EST, and macOS High Sierra is listed as 10.13.2
in the App Store in Canada.



I am also curious on why by default the panel starts unlocked. (and if
felt it doesn't need password confirmation, why have the lock icon on
that panel?


Have to wonder if this is related to Apple Pay support on some Macs
where the logic might be different to authenticate purchases and App
Store config.

[Your Name]

On 2018-01-12 08:29:40 +0000, RJH said:
> On 12/01/2018 05:04, Harold Newton wrote:
>>
>> Everything, including the subject line, is verbatim (excepting brackets).
>>
>> "Apple Macs Have Yet Another Password-Bypassing Bug"
>> "Apple Mac computers running the latest version of Apple's
>> High Sierra operating system have a flaw that lets just about
>> anyone unlock and edit a person+IBk-s App Store preferences with
>> any password."
>
> Just about anyone: with access to an unlocked Mac

At least one news article I read said it had to be an Admin account
password, which would mean normal user accounts or entering no password
won't work (unless you're stupid enough to have an admin account with a
blank password!).

If that is true (I haven't bothered to test it), then anyone trying to
"hack" the computer would need to know one of the Admin account
passwords ... making this just yet another media and anti-Apple nutter
over-hyped mountain out of a microscopic-molehill that in reality
affects almost nobody at all. :-\

[nospam]

In article <BY86C.311018$qV5.1...@fx37.iad>, JF Mezei

<jfmezei...@vaxination.ca> wrote:

>
> Duh ! Since current version is 10.13.2 it is obvious the patched one
> will be 10.13.3. Doesn't take Einstein to know this. But stating it
> doesn't mean it has been released.

public betas are available.

[Jolly Roger]

On 2018-01-12, Harry Newton <harryn...@AlliOSusersJustGiveUp.com> wrote:
> On 12 Jan 2018 17:27:55 GMT, Jolly Roger wrote:
>
>> That's just what the "Apple Apologists" want you to think! ; )
>
> No, you're wrong.

It's called sarcasm. You just dislike it because you're the troll
calling almost everyone in the Apple newsgroups an "Apple Apologist" for
the past month.

[RJH]

No, can't reproduce that one - won't get passed the user/password
dialogue without the proper credentials.

--
Cheers, Rob

[Alan Browne]

On 2018-01-12 15:33, JF Mezei wrote:
> On 2018-01-12 14:56, nospam wrote:
>
>>> Mmmm - my iMac patched on Jan 8 to 10.3.2, 'no updates vaialable' as of
>>> now, and it's still possible to toggle the App Store preferences lock
>>> with any password.
>>
>> 10.13.3
>
>
> Duh ! Since current version is 10.13.2 it is obvious the patched one
> will be 10.13.3.

There's also the 10.13.2 "Supplemental" update that's been released -
you should see it in the App Store App unless you've already applied it.

--
“When it is all said and done, there are approximately 94 million
full-time workers in private industry paying taxes to support 102
million non-workers and 21 million government workers.
In what world does this represent a strong job market?”
.Jim Quinn

[Peter Köhlmann]

Certainly. And you are the sole one to receive such "good news". After all,
"holy Steve" himself made you one of his "apologists"

In short: You are doing what you routinely do. You are lying

[nospam]

In article <p3bffp$c3c$1...@dont-email.me>, Peter Köhlmann

<peter-k...@t-online.de> wrote:

> >>
> >> >> Hopefully Apple will update this bug soon.
> >> >
> >> > it's already been patched.
> >>
> >> You say stuff that doesn't appear to be true and you don't reference
> >> anything, so we don't know where you get your idea from that the bug is
> >> closed.
> >
> > from apple.
>
> Certainly. And you are the sole one to receive such "good news". After all,
> "holy Steve" himself made you one of his "apologists"
>
> In short: You are doing what you routinely do. You are lying

nope.

[Wolffan]

On 12Jan 2018, JF Mezei wrote
(in article <BY86C.311018$qV5.1...@fx37.iad>):

It appears to have been patched in one of the 10.13.3 betas. I have no idea
which, just that the problem did not occur on a system running a beta. It
could have been patched with that beta, or one previous, I don’t know.
It’s patched now, at least on that test system. No idea about anyone
else’s systems.

[Harold Newton]

On Sat, 13 Jan 2018 09:36:17 +1300, Your Name wrote:

> If that is true (I haven't bothered to test it), then anyone trying to
> "hack" the computer would need to know one of the Admin account
> passwords

The original post and all followups were 100% factual, and the fact that
admin is necessary *was* clearly noted in the original post (in brackets)
and specifically called out.

It's also clearly mentioned in the followup posting which contained the bug
reports, and, it was just as clearly mentioned by RJH, who tested it and
confirmed.

That you apparently completely *missed* all that, does not constitute
subterfuge on the part of everyone else.

[Harold Newton]

On 12 Jan 2018 21:30:52 GMT, Jolly Roger wrote:

> It's called sarcasm. You just dislike it because you're the troll
> calling almost everyone in the Apple newsgroups an "Apple Apologist" for
> the past month.

Yet again, facts don't fit into your belief system.

I have named only a half dozen well-defined Apple Apologists who are like
you, where facts never fit into your belief system, so, you are again
completely incorrect that "almost everyone in the Apple newsgroups" is an
Apple Apologist.

In reality, there are only a half dozen or so... namely
*Jolly Roger, Lewis, nospam, BKonRamp, Savageduck, Hemidactylus, etc.*

[Harold Newton]

On Fri, 12 Jan 2018 22:02:02 +0000, RJH wrote:

>> Did you confirm whether that exists also?
>> Or is that just a spurious comment in the bug report?
>>
>
> No, can't reproduce that one - won't get passed the user/password
> dialogue without the proper credentials.

Thanks. It must just be an incorrect addition to the bug report.
Thanks for testing that for everyone to benefit.

[Jolly Roger]

Harold Newton <har...@example.com> wrote:
> On 12 Jan 2018 21:30:52 GMT, Jolly Roger wrote:
>
>> It's called sarcasm. You just dislike it because you're the troll
>> calling almost everyone in the Apple newsgroups an "Apple Apologist" for
>> the past month.
>

> Blah blah blah Apple Apologists

Broken record troll is a broken record.

[Lewis]

In message <p3bffp$c3c$1...@dont-email.me> Peter Köhlmann <peter-k...@t-online.de> wrote:
> nospam wrote:

>> In article <p3b1ki$s23$1...@gioia.aioe.org>, Harold Newton
>> <har...@example.com> wrote:
>>
>>>
>>> >> Hopefully Apple will update this bug soon.
>>> >
>>> > it's already been patched.
>>>
>>> You say stuff that doesn't appear to be true and you don't reference
>>> anything, so we don't know where you get your idea from that the bug is
>>> closed.
>>
>> from apple.

> Certainly. And you are the sole one to receive such "good news".

Not at all. Apple's statement when the bug was disclosed was that it was
already fixed and would be on an updated soon. At the time it was
reported, the bug was not present in the current macOS beta.

--
RTFM replies are great, but please specify exactly which FM to R

[Jolly Roger]

That's just what the "Apple Apologists" *want* you to think! #staywoke

[JF Mezei]

On 2018-01-12 17:47, Alan Browne wrote:

> There's also the 10.13.2 "Supplemental" update that's been released -
> you should see it in the App Store App unless you've already applied it.

App store makes no mention of "Supplemental" and does not offer any High
Sierra updates to me.

[David B.]

I concur.


--
David B.

[Alan Baker]

Perhaps that's because you both are utterly clueless.

I'm running 10.13.2 right now, and right now, in my App Store it is
offering me:

"macOS High Sierra 10.13.2 Supplemental Update"

[Wolffan]

On 13Jan 2018, JF Mezei wrote
(in article <Eju6C.311890$qV5.1...@fx37.iad>):

Intriguing. I have, sitting in my email, in the folder named ‘Apple’ the
following:
APPLE-SA-2018-1-8-2 macOS High Sierra 10.13.2 Supplemental Update

"macOS High Sierra 10.13.2 Supplemental Update is now available
and addresses the following:

Available for: macOS High Sierra 10.13.2
Description: macOS High Sierra 10.13.2 Supplemental Update includes
security improvements to Safari and WebKit to mitigate the effects of
Spectre (CVE-2017-5753 and CVE-2017-5715).

We would like to acknowledge Jann Horn of Google Project Zero; and
Paul Kocher in collaboration with Daniel Genkin of University of
Pennsylvania and University of Maryland, Daniel Gruss of Graz
University of Technology, Werner Haas of Cyberus Technology,
Mike Hamburg of Rambus (Cryptography Research Division),
Moritz Lipp of Graz University of Technology, Stefan Mangard of
Graz University of Technology, Thomas Prescher of Cyberus Technology,
Michael Schwarz of Graz University of Technology, and Yuval Yarom of
University of Adelaide and Data61 for their assistance.

Installation note:

macOS High Sierra 10.13.2 Supplemental Update may be obtained from
the Mac App Store or Apple's Software Downloads web site:
https://support.apple.com/downloads/

Information will also be posted to the Apple Security Updates
web site:https://support.apple.com/kb/HT201222”

That email is timestamped 13:32 08 Jan 2018. One wonders why you haven’t
been able to get the download in question.

[Wolffan]

On 13Jan 2018, David B. wrote
(in article <UBu6C.603239$l_3.3...@fx21.fr7>):

I don’t believe a damn thing you post. Particularly when Apple says
different.

[David B.]

On 13/01/2018 21:17, Alan Baker wrote:
> On 2018-01-13 1:11 PM, David B. wrote:
>> On 13/01/2018 20:51, JF Mezei wrote:
>>> On 2018-01-12 17:47, Alan Browne wrote:
>>>
>>>> There's also the 10.13.2 "Supplemental" update that's been released  -
>>>> you should see it in the App Store App unless you've already applied
>>>> it.
>>>
>>> App store makes no mention of "Supplemental" and does not offer any High
>>> Sierra updates to me.
>>
>>
>> I concur.
>>
>>
>
> Perhaps that's because you both are utterly clueless.

I expect you, too, were once a newbie.

> I'm running 10.13.2 right now, and right now, in my App Store it is
> offering me:
>
> "macOS High Sierra 10.13.2 Supplemental Update"

Please explain why you have not accepted and installed same.

--
David B.

[Wolffan]

On 13Jan 2018, David B. wrote

(in article <xWu6C.500163$i73....@fx06.fr7>):

> On 13/01/2018 21:17, Alan Baker wrote:
> > On 2018-01-13 1:11 PM, David B. wrote:
> > > On 13/01/2018 20:51, JF Mezei wrote:
> > > > On 2018-01-12 17:47, Alan Browne wrote:
> > > >
> > > > > There's also the 10.13.2 "Supplemental" update that's been released -
> > > > > you should see it in the App Store App unless you've already applied
> > > > > it.
> > > >
> > > > App store makes no mention of "Supplemental" and does not offer any High
> > > > Sierra updates to me.
> > >
> > >
> > > I concur.
> >
> > Perhaps that's because you both are utterly clueless.
>
> I expect you, too, were once a newbie.

Mezei’s not a newbie, and you’re a troll.

>
>
> > I'm running 10.13.2 right now, and right now, in my App Store it is
> > offering me:
> >
> > "macOS High Sierra 10.13.2 Supplemental Update"
>
> Please explain why you have not accepted and installed same.

Why should anyone do anything you ask?

[Alan Baker]

On 2018-01-13 1:33 PM, David B. wrote:
> On 13/01/2018 21:17, Alan Baker wrote:
>> On 2018-01-13 1:11 PM, David B. wrote:
>>> On 13/01/2018 20:51, JF Mezei wrote:
>>>> On 2018-01-12 17:47, Alan Browne wrote:
>>>>
>>>>> There's also the 10.13.2 "Supplemental" update that's been released  -
>>>>> you should see it in the App Store App unless you've already
>>>>> applied it.
>>>>
>>>> App store makes no mention of "Supplemental" and does not offer any
>>>> High
>>>> Sierra updates to me.
>>>
>>>
>>> I concur.
>>>
>>>
>>
>> Perhaps that's because you both are utterly clueless.
>
> I expect you, too, were once a newbie.

Yup.

Only when I was, I didn't try to pretend I knew it all.

>
>> I'm running 10.13.2 right now, and right now, in my App Store it is
>> offering me:
>>
>> "macOS High Sierra 10.13.2 Supplemental Update"
>
> Please explain why you have not accepted and installed same.

No.

>

[Larry Gusaas]

On 2018-01-13, 2:51 PM JF Mezei wrote

macOS High Sierra 10.13.2 Supplemental Update    macOS High Sierra 10.13.2    08 Jan 2018
https://support.apple.com/en-ca/HT201222


--
_________________________________

Larry I. Gusaas
Moose Jaw, Saskatchewan Canada
Website: http://larry-gusaas.com
"An artist is never ahead of his time but most people are far behind theirs." - Edgard Varese

[J Burns]

I installed it. The bug is still there, and it's worse than reported. I
couldn't think of a bogus password, so I left it blank. It still unlocked!

Oh no! Somebody could sneak onto my computer and change the preferences
so Appstore will ask for my password every time instead of once in 15
minutes. They could have Apple install updates automatically.

If that happens, I'll look around the room for a sneaky person.

[J Burns]

It's not as bad as I thought. A sneaky person in the room could have
Apple updates download in the background, but I'd still have to okay
installation. I can breathe easier now.

[David B.]

On 13/01/2018 21:45, Alan Baker wrote:
> On 2018-01-13 1:33 PM, David B. wrote:
>> On 13/01/2018 21:17, Alan Baker wrote:
>>> On 2018-01-13 1:11 PM, David B. wrote:
>>>> On 13/01/2018 20:51, JF Mezei wrote:
>>>>> On 2018-01-12 17:47, Alan Browne wrote:
>>>>>
>>>>>> There's also the 10.13.2 "Supplemental" update that's been
>>>>>> released  -
>>>>>> you should see it in the App Store App unless you've already
>>>>>> applied it.
>>>>>
>>>>> App store makes no mention of "Supplemental" and does not offer any
>>>>> High
>>>>> Sierra updates to me.
>>>>
>>>>
>>>> I concur.
>>>>
>>>>
>>>
>>> Perhaps that's because you both are utterly clueless.
>>
>> I expect you, too, were once a newbie.
>
> Yup.
>
> Only when I was, I didn't try to pretend I knew it all.

That's good to know.

>>> I'm running 10.13.2 right now, and right now, in my App Store it is
>>> offering me:
>>>
>>> "macOS High Sierra 10.13.2 Supplemental Update"
>>
>> Please explain why you have not accepted and installed same.
>
> No.

That's your prerogative .... but it smacks of untruths being told.

There is *NO* "Supplemental Update" being offered to me. Period.

--
David B.




--
“Men occasionally stumble over the truth, but most of them pick
themselves up and hurry off as if nothing ever happened.” (Winston S.
Churchill)

[David B.]

On 13/01/2018 21:43, Wolffan wrote:
> On 13Jan 2018, David B. wrote
> (in article <xWu6C.500163$i73....@fx06.fr7>):
>
>> On 13/01/2018 21:17, Alan Baker wrote:
>>> On 2018-01-13 1:11 PM, David B. wrote:
>>>> On 13/01/2018 20:51, JF Mezei wrote:
>>>>> On 2018-01-12 17:47, Alan Browne wrote:
>>>>>
>>>>>> There's also the 10.13.2 "Supplemental" update that's been released -
>>>>>> you should see it in the App Store App unless you've already applied
>>>>>> it.
>>>>>
>>>>> App store makes no mention of "Supplemental" and does not offer any High
>>>>> Sierra updates to me.
>>>>
>>>>
>>>> I concur.
>>>
>>> Perhaps that's because you both are utterly clueless.
>>
>> I expect you, too, were once a newbie.
>
> Mezei’s not a newbie, and you’re a troll.

No-one suggested that 'Mezei' *is* a newbie.

>>> I'm running 10.13.2 right now, and right now, in my App Store it is
>>> offering me:
>>>
>>> "macOS High Sierra 10.13.2 Supplemental Update"
>>
>> Please explain why you have not accepted and installed same.
>
> Why should anyone do anything you ask?

Simply to demonstrate that they are telling the truth.

The truth *will* out - *ALWAYS*!

--
David B.

[JF Mezei]

On 2018-01-13 18:06, David B. wrote:
> There is *NO* "Supplemental Update" being offered to me. Period.
>

Just checked again at 18:30 EST. Still opffers 10.13.2 Updated 06
December 2017.


As this is a security fix that has made the media, I would have expected
Apple to have rolled it out worldwide instead of staggered availability
with different countries getting it at different times.


Update: going back to "Updates", and the Supplemental Update is now
available as a "Software Update".

(note that it did not appear as I launched the app when I started to
write this).

[David B.]

This is as up-front as I can be! ;-)

https://discussions.apple.com/thread/8237273

HTH

[JF Mezei]

Note: the upgrade took a long time (over 20 minutes at least 2 reboots).

Creashed Firefox in a way that it could not "restore" previous sessions
when it rebooted. (likely a firefox problem). Restored the whole profile
from backup *(happened after high sierra upgrade too)

It screwed my displays once more, insisted on booting in mirroed display
and insisted on rep]laving my solid colour backgrounds with its "high
sierra" picture.

I have to spend mucho time reporting the problems I have encountered
thiese past few days with High Sierra. (since OS-X handles 1 or 2
identical displays fine, and after disconnecting the first one (from
thunderbolt port) and plugging it back in, is then able to use proper
resolution (but moves all apps to different widnows and screws up all
arrangements).

I long for Snow Leopard.

[Wolffan]

On 13Jan 2018, David B. wrote

(in article <npw6C.500167$i73.1...@fx06.fr7>):

> On 13/01/2018 21:43, Wolffan wrote:
> > On 13Jan 2018, David B. wrote
> > (in article <xWu6C.500163$i73....@fx06.fr7>):
> >
> > > On 13/01/2018 21:17, Alan Baker wrote:
> > > > On 2018-01-13 1:11 PM, David B. wrote:
> > > > > On 13/01/2018 20:51, JF Mezei wrote:
> > > > > > On 2018-01-12 17:47, Alan Browne wrote:
> > > > > >
> > > > > > > There's also the 10.13.2 "Supplemental" update that's been released -
> > > > > > > you should see it in the App Store App unless you've already applied
> > > > > > > it.
> > > > > >
> > > > > > App store makes no mention of "Supplemental" and does not offer any High
> > > > > > Sierra updates to me.
> > > > >
> > > > >
> > > > > I concur.
> > > >
> > > > Perhaps that's because you both are utterly clueless.
> > >
> > > I expect you, too, were once a newbie.
> >
> > Mezei’s not a newbie, and you’re a troll.
>
> No-one suggested that 'Mezei' *is* a newbie.

you still have that reading comprehension problem. And you’re still a lying
scumbag troll.

>
>
> > > > I'm running 10.13.2 right now, and right now, in my App Store it is
> > > > offering me:
> > > >
> > > > "macOS High Sierra 10.13.2 Supplemental Update"
> > >
> > > Please explain why you have not accepted and installed same.
> >
> > Why should anyone do anything you ask?
>
> Simply to demonstrate that they are telling the truth.

to _you_, a proven lying scumbag troll? BWA-HA-HA-HA-HAAAA!

>
>
> The truth *will* out - *ALWAYS*!

Oh, everyone already knows the truth about _you_, troll-boy.

[Wolffan]

On 13Jan 2018, David B. wrote

(in article <Ihw6C.500166$i73.4...@fx06.fr7>):

Troll-boy, you’re fond of posting headers. Your headers state that you’re
running OS X 10.11. You’d be fairly unlikely to get updates for 10.13 when
you’re running 10.11. Idiot. Either, as so many have said to you, headers
are meaningless, or you’re not running 10.13. Idiot troll-boy.

[Harold Newton]

On 13 Jan 2018 16:27:09 GMT, Jolly Roger wrote:

> Broken record troll is a broken record.

You are one of about 1/2 dozen Apple Apologists:

*Jolly Roger, Lewis, nospam, BKonRamp, Savageduck, Hemidactylus, etc.*

Why do the Apple Apologists always deflect blame and call all facts they don't like, trolls?
<https://groups.google.com/forum/#!topic/misc.phone.mobile.iphone/FZVR227jn4g>

Notice:
* Your posts are devoid of fact.
* Your posts are devoid of value.
* Your posts are 100% hate-filled vitriolic emotion.

It's hate-filled trolls like you that ruin an otherwise pleasant newsgroup
experience.

In fact, if you search this newsgroup for the word troll combined with
Jolly Roger, you'll find you come up (by far) on top.

I only speak fact.

[Your Name]

I've already installed it, so it's listed in the App Store's "Updates
Installed in the Last 30 Days" section.

One possibility, though unlikely, is that the non-English version /
store download isn't ready, so those using other localised OS X
installs / App Store might not see it yet.

Another possiblity is if you've recently re-installed OS X, then the
Supplemental Update could very well already be included in that
original install process.

[Your Name]

The password bug isn't the reason for the Supplemental Update. It's to
do with the Intel CPU issues. <https://support.apple.com/en-nz/HT208397>

The password bug is reportedly fixed in 10.13.3, which is still only in
beta testing.

[Alan Baker]

As it has been corroborated by others, no, it really doesn't.

>
> There is *NO* "Supplemental Update" being offered to me. Period.

I don't believe you.

>

[J Burns]

Yeah, I thought Meltdown was more important than Appstore preferences
security. Of 33 preference windows that can be opened through System
Preferences on my Mac, only 4 others require a password for changes.
Appstore changes look harmless. I think the error was in asking for a
password.

[JF Mezei]

On 2018-01-13 21:05, Alan Baker wrote:

>> There is *NO* "Supplemental Update" being offered to me. Period.
>
> I don't believe you.

There are a few possible aspects for the confusion:

This is a security update, not a new version. (the "supplemental
update" is misleading). After applying it, the "About this Mac" remains
at 10.13.2

So the "marketing" of High Sierra as an App remains at High Sierra
10.13.2 without "supplemental".

The fact that after installing 10.13.2 on Thursday, the "system" did not
let me know of the security update means that it was not available on
Thursday (normally would have "pulled" such information right away).


The fact that I started the App Store today and it showed no updates
available can either mean that the update magically became available a
few minutes later, or that starting App Store doesn't automatiocally
cause a check for new software, and that this check is done in batch job
at regular intervals. Going back to the "Updates" tab forced the App
Store app to make a check for updates, at which point it found the
security update.

I suspect there is a background job that runs at regular intervals to
check for available updates and places it in a file which the App
Store.App uses when you start it up (quicker than polling the servers
whenever you start the app). But this results in delays for stuff appearing.

This isn't the first time that people have different experiences for
when new software is proposed to them. Yet, certain regulars keep on
using this as an excuse to insult users who don't see the updates at
same time as they do. And those people should know better (since they
claim to be such experts at all things Apple) how the process works.

[nospam]

In article <mwz6C.292312$247.1...@fx40.iad>, JF Mezei

<jfmezei...@vaxination.ca> wrote:

>
> There are a few possible aspects for the confusion:

no. there's just one. you.

[Jolly Roger]

On 2018-01-14, Harold Newton <har...@example.com> wrote:
> On 13 Jan 2018 16:27:09 GMT, Jolly Roger wrote:
>
>> Broken record troll is a broken record.
>

> Blah blah blah blah blah Apple Apologists:

Broken record troll is a broken record.

--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR

[Andreas Rutishauser]

In article <p3eaut$1i5h$1...@gioia.aioe.org>,

Harold Newton <har...@example.com> wrote:

> It's hate-filled trolls like you that ruin an otherwise pleasant newsgroup
> experience.

are you talking to yourself?
Tha Apple newsgroups were fun before you entered the scene.
Now the content has to be sought between your never ending and repeated
drivel.

Andreas

--
MacAndreas Rutishauser, <http://www.MacAndreas.ch>
EDV-Dienstleistungen, Hard- und Software, Internet und Netzwerk
Beratung, Unterstuetzung und Schulung
<mailto:and...@MacAndreas.ch>, Fon: 044 / 721 36 47

[Harry Newton]

On Sun, 14 Jan 2018 05:29:16 +0100, Andreas Rutishauser wrote:

> are you talking to yourself?

I have stated accurate facts in this thread.

While I realize from your lack of ability to add on-topic technical value
that you're one of the least educated of the Apple Apologists, I always
gave you slightly more credit for having a semblance of logic than Jolly
Roger exhibits.

And yet, you call valid on-topic facts, "drivel".
Why do facts scare you to death?

Please realize I'm on *plenty* of newsgroups, where technical conversation
of factual information abounds.

It's only on the Apple-related newsgroups that you Apple Apologists can't
handle facts because facts don't fit into their belief systems.

You all lack education, hence your belief system is threatened by facts.
*Andreas Rutishauser*
*Jolly Roger*
*Lewis*
*nospam*
*BKonRamp*
*Savageduck*
*Hemidactylus*
*Snit*
etc.

> Tha Apple newsgroups were fun before you entered the scene.

All the newsgroups are fun that don't have the Apple Apologists in them.

> Now the content has to be sought between your never ending and repeated
> drivel.

Notice, I only speak facts, and you call all facts "drivel".

I speak facts on the Linux, Android, Windows, iOS, and Apple newsgropus.

But only on the Apple newsgroups, are there the handful of persistent
ill-educated Apple Appologists who call all facts "drivel".

It's quite fitting of you, don't you think.

Not only do facts scare you to death ...

But...

Facts just never did fit into your belief system.

[Andreas Rutishauser]

In article <p3f3ac$ch0$1...@gioia.aioe.org>,

Harry Newton <harryn...@AlliOSusersJustGiveUp.com> wrote:

> On Sun, 14 Jan 2018 05:29:16 +0100, Andreas Rutishauser wrote:
>
> > are you talking to yourself?
>
> I have stated accurate facts in this thread.

and how many times have these "facts" have to be repeated?

>
> While I realize from your lack of ability to add on-topic technical value

What technical value can be added to a troll thread?

> And yet, you call valid on-topic facts, "drivel".

There is since long no more on topic in this thread, just you repeating
your hate.

> Please realize I'm on *plenty* of newsgroups,

So what?

> > Tha Apple newsgroups were fun before you entered the scene.
>
> All the newsgroups are fun that don't have the Apple Apologists in them.

All the newsgroups are fun that don't have Harry Newton or one of his
nyms in them.

>
> > Now the content has to be sought between your never ending and repeated
> > drivel.
>
> Notice, I only speak facts, and you call all facts "drivel".

It has been proven that you write many lies.
And you repeat your stuff ad infinitum.

EOD for me.

[Harold Newton]

On Mon, 15 Jan 2018 06:12:42 +0100, Andreas Rutishauser wrote:

> It has been proven that you write many lies.
> And you repeat your stuff ad infinitum.
>
> EOD for me.

Another attribute of Apple Apologists like Andreas Rutishauser is that they
act like little children when confronted with facts that they don't like.

> and how many times have these "facts" have to be repeated?

In this thread, I didn't *repeat* facts.
I simply responded to the Apple Apologists, like I am responding to you.

It's you Apple Apologists who have the gall to claim untruths, and then
when you're called out for your untruths, you then claim the person telling
the truth is "repeating facts".

It's yet another indication that facts, particularly repeating them,
threatens the underlayment of your very belief system.

Facts petrify people like you, Andreas Rutishauser.

[nospam]

In article <p3ihoq$r2t$7...@gioia.aioe.org>, Harold Newton

<har...@example.com> wrote:

>
> > It has been proven that you write many lies.
> > And you repeat your stuff ad infinitum.
> >
> > EOD for me.
>
> Another attribute of Apple Apologists like Andreas Rutishauser is that they
> act like little children when confronted with facts that they don't like.

projection.

[Harold Newton]

On Mon, 15 Jan 2018 10:38:54 -0500, nospam wrote:

>> Another attribute of Apple Apologists like Andreas Rutishauser is that they
>> act like little children when confronted with facts that they don't like.
>
> projection.

What's interesting about the half-dozen Apple Apologists, is that *you* are
completely different than the rest are in intelligence, but not in action.
*Andreas Rutishauser*
*BKonRamp*
*Hemidactylus*
*Jolly Roger*
*Lewis*
*nospam*
*Savageduck*
*Snit*
etc.

While it's patently obvious none of the dozen or so Apple Apologists are
formally educated, you're clearly the most knowledgeable about facts.

You just don't like them.

What's so very different about you is that the rest of the Apple Apologists
actually believe what they say - but you never do - which one can tell by
your clever contortions of facts that only a gullible illlogical person
could believe (which is why the rest believe them).

So you'd be perfect at *marketing* or at being a great *defense lawyer*!

You'd make the absolute worst scientist or engineer though.
Facts don't have a place to fit in your belief system.

So you say all facts you don't like are "nonesense".

And, like all the dozen or so Apple Apologists, your retorts to actual
facts are always childish grade-school-level taunts.

Those are facts.