Dear @AppleSupport, we noticed a *HUGE* security issue at MacOS High Sierra. Anyone can login as "root" with empty password after clicking on login button several times. Are you aware of it @Apple?
— Lemi Orhan Ergin (@lemiorhan) November 28, 2017
You can access it via System Preferences>Users & Groups>Click the lock to make changes. Then use "root" with no password. And try it for several times. Result is unbelievable! pic.twitter.com/m11qrEvECs
— Lemi Orhan Ergin (@lemiorhan) November 28, 2017
Let's take a closer look at what's happening together. Send us a DM that includes your Mac model along with your macOS version. We'll meet up with you there. https://t.co/GDrqU22YpT
— Apple Support (@AppleSupport) November 28, 2017
Why do you tweet about this, like you called it, huge security issue instead of contacting apple via mail in first place ? With this tweet you made this issue even bigger. Not very responsible.
— Fabian Sengbusch (@FabianSengbusch) November 28, 2017
wow really putting a lot of computers out there in the wild at risk with this tweet, huh
— icy (@icystorm) November 28, 2017
I fully support @Apple suing you for this. Learn how to disclose security bugs before you call yourself a "Software Craftsman".
— Amir Omidi (@aaomidi) November 28, 2017
Apple is going to sue someone for their own software flaws? That's rich. Exposing it publicly lights a fire under Apple, forcing them to prioritize a fix. Private disclosure lets them drag their feet.
— coolpup ? (@_coolpup_) November 28, 2017