Macintosh users - important FYI

Started by Scion7, October 02, 2017, 01:02:50 AM


Scion7

If you have already upgraded or are considering upgrading to Mac OS 10.13 "High Sierra", note the following security enhancement that Apple is touting about this release:

User Approved Kernel Extension Loading

Kernel Extensions (or kexts for short) are used to add functionality to the core part of the operating system. It allows an application to have additional code loaded by the OS when the computer starts up, which in turn can provide that software with more capabilities. A good example of software that uses Kernel Extensions is Mac antivirus software. Unfortunately, malware can also install Kernel Extensions, which can allow it to intercept keystrokes and more.

To get more control over what is allowed to install a kernel extension, High Sierra will warn you if such an extension is about to be installed. Unless you approve (provide administrator credentials), a kernel extension will not be installed. This, in theory, means you can install your favorite antivirus application, but malware on the other hand cannot install the components it requires to perform its malicious functions. Of course, it's up to you and how carefully you're paying attention to heed such warnings that will determine the effectiveness of this defensive mechanism.

It's also worth noting that kernel extensions will not require authorization under two circumstances:

    If they are on a Mac before an upgrade to macOS High Sierra.
    If they are replacing previously approved extensions.



The problem is SKEL is currently broken in the first release of 10.13!!
Several third-party developers have published proof-of-concept methods of getting around this - rather easily, in fact.
In previous days - aka pre-CEO Tim Cook - something like this happening at Apple was unheard of.
Steve Jobs and his department heads would have given a public "YOU SUCK!!!" shaming in front of the assembled employees at Cupertino to blast the team that would try and put something like this into a release-candidate of the Operating System, let alone letting it out of the door for official release. Heads would have rolled.
So, Tim Cook stinks as the head of Apple - that's old news, the old spirit at Apple is no longer there in large measure, and calls for his firing have gone on for about a year and a half now. Set that aside for the time being.
Since this has been all over the tech news, I'm sure the first dot-release fix will either resolve this issue, or disable SKEL altogether until they go back to the drawing board on this boner.
What YOU need to do (looks at M.I.), if you do decide to install 10.13 either on an HFS+ formatted HDD or take the plunge with APFS on an SSD, is make sure that you do NOT do any critical operations like online banking or credit-card purchases, buy stocks online, or do anything where your USER/PASSWORD are especially vital. The browser itself can be exploited for this 'hole' without you knowing anything about it. Browse the web, make documents, etc. Have fun. But until the word is out that SKEL has been properly fixed, don't be STUPID.

No OS is perfect, but Apple security was always stronger than any other platform.
This is a major embarrassment that I hope will never be repeated at Cupertino - especially when they were informed about the problem weeks before release, and some idiot makes the decision to go ahead with the public download.
Saint-Saëns, who predicted to Charles Lecocq in 1901: 'That fellow Ravel seems to me to be destined for a serious future.'

Scion7

Mac OS 10.13 Supplemental Update was released today to fix a couple of things, one of which is the SKEL issue.

Holden

Thank you. I downloaded it this morning.
Cheers

Holden