macOS High Sierra “root” User is Enabled by Default with Blank Password
Apple will be issuing Software Update to disable “root” user which is inadvertently enabled by default with blank password in macOS High Sierra.
To disable “root” user, follow the instruction from Apple or the instruction below:
Disable the root user
Choose Apple menu () > System Preferences, then click Users & Groups (or Accounts).Click the Lock, then enter an administrator name and password.
Click Login Options.
Click Join (or Edit).
Click Open Directory Utility.
Click the Lock in the Directory Utility window, then enter an administrator name and password.
From the menu bar in Directory Utility: Choose Edit > Disable Root
In previous incarnations of macOS/OS X/Mac OS X, “root” user is disabled by default.
Note:
Anyone with physical access to your Mac potentially can reset your password.
DreamHost is Under DDoS Attack, Again.
DreamHost confirms that they are under yet another Distributed Denial of Service attack again in the early A.M. of Saturday, August 26, 2017.
[Identified]
We first noticed the disruption in the service approximately at 01:30 A.M. and at that time DreamHost Status did not show any disruptions yet.
It is unknown at this point if this DDoS attack is related to the one on Thursday, August 24, 2017.
Dreamhost is under DDoS Attack
From @Dreamhost:
“Our engineers have identified the cause of the DNS degradation as a Distributed Denial of Service (DDoS) attack. dreamhoststatus.com“
Dreamhost is currently in the news as the Department of Justice “demands that DreamHost hand over 1.3 million visitor IP addresses” for a site hosted by the company.
The DDoS appears to be unrelated to the DoJ request above. It looks like it may be an Anonymous attack targeting the Dreamhost DNS to try to take a white supremacist website called ‘punishedstormer dot com’ offline. The website came online today and is hosted at Dreamhost.
We will closely follow this news.