A bug has been found in macOS High Sierra that saves the encryption password of APFS drives in clear text



According to security analyst Sarah Edwards, macOS High Sierra 10.13 and 10.13.1 contain a bug: when you create an external drive with the APFS file system, the newly specified encryption password is saved in plaintext. Note that this bug has been fixed as of 10.13.2.

Uh Oh! Unified Logs in High Sierra (10.13) Show Plaintext Password for APFS Encrypted External Volumes via Disk Utility.app - mac4n6.com
https://www.mac4n6.com/blog/2018/3/21/uh-oh-unified-logs-in-high-sierra-1013-show-plaintext-password-for-apfs-encrypted-external-volumes-via-disk-utilityapp

Edwards has published how to confirm that the encryption password is stored in the log. First, Edwards used "Disk Utility" to create an APFS external drive and set "frogger 13" as the encryption password.


Next, the "log" command is used in the terminal to display the OS log. The following is an extract of the log entries for the disk operation; the operations performed in Disk Utility are shown in red. After that, when the "newfs_apfs" command (the light blue part), which the OS uses to build the APFS drive, is executed, the string "-S frogger 13" appears in the command arguments, confirming that the encryption password "frogger 13" was stored in the log in clear text.


When Edwards checked the options of the "newfs_apfs" command in macOS, the manual contained no description of the "-S" option.


If the "newfs_apfs" command is run in the terminal without any arguments, an error about incorrect argument specification is produced and a summary of the "-S" option is displayed. It appears to be an option for specifying the encryption password when creating an APFS file system.


It is speculated that the "-S" option was implemented as a "hidden option" for internal use when creating encrypted drives, and that Apple's developers did not realize the command arguments would be displayed in the OS log.

Edwards confirmed that this bug exists in macOS 10.13 and 10.13.1, and that as of 10.13.2 the password is no longer displayed. Edwards also explains that when a drive formatted with another file system is converted to APFS and encrypted with a password, the password is not displayed.
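To check exported logs from a machine that ran 10.13 or 10.13.1, the following added example (not code from Edwards or from the article) scans log text for "newfs_apfs" command lines that carry a password after "-S" and masks it so the log can be shared. The sample lines, their layout, the process name and the passwords are constructed for illustration; feed it text exported with the "log" command instead.

```python
import re

# A newfs_apfs command line followed, somewhere in its arguments, by
# "-S <password>". The password may be bare or quoted; the named group
# "secret" captures only the password itself.
EXPOSED = re.compile(
    r"""\bnewfs_apfs\b.*?\s-S\s+(?P<secret>"[^"]*"|'[^']*'|\S+)"""
)
MASK = "<redacted>"

# Constructed sample lines (not real log output); the line layout, process
# name and passwords are assumptions made for this example.
SAMPLE_LOG = """\
2018-03-21 10:15:01 proc[501] Creating APFS volume on disk2s2
2018-03-21 10:15:02 proc[502] newfs_apfs -S EXAMPLE-pass-1 -v Backup disk2s2
2018-03-21 10:15:03 proc[502] newfs_apfs -v Plain disk3s1
2018-03-21 10:15:04 proc[502] newfs_apfs -S "two words" -v Media disk4s2
"""


def scan(log_text):
    """Return (findings, sanitized_text).

    findings is a list of (line_number, masked_line) for every line where a
    newfs_apfs command line carries a password after -S. sanitized_text is
    the whole log with those passwords masked.
    """
    findings, out = [], []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = EXPOSED.search(line)
        if m:
            # Replace only the captured password, keeping the rest of the
            # entry (timestamp, process, volume name) for the investigation.
            line = line[:m.start("secret")] + MASK + line[m.end("secret"):]
            findings.append((lineno, line))
        out.append(line)
    return findings, "\n".join(out) + "\n"


if __name__ == "__main__":
    hits, _ = scan(SAMPLE_LOG)
    for lineno, masked in hits:
        print(f"line {lineno}: {masked}")
```

Any hit means the volume password should be treated as exposed to anyone who could read that log and should be changed.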

in Software,   Security, Posted by darkhorse_log