Slashdot Mirror

← Back to Stories (view on slashdot.org)

Major Snow Leopard Bug Said To Delete User Data

Posted by kdawson on from the clean-as-the-driven-snow dept.

inglishmayjer was one of several readers to send in the news of a major bug in Apple's new OS, 10.6 Snow Leopard, that can wipe out all user data for the administrator account. It is said to be triggered — not every time — by logging in to the Guest account and then back in to the admin account. Some users are reporting that all settings have been reset and most data is gone. The article links to a number of Apple forum threads up to a month old bemoaning the problem. MacFixIt suggests disabling login on the Guest account and, if you need that functionality, creating a non-administrative account named something like Visitor. (The Guest account is special in that its settings are wiped clean after logout.) CNet reports that Apple has acknowledged the bug and is working on a fix.

32 of 353 comments (clear)

  1. Oh. by fuzzyfuzzyfungus · · Score: 5, Funny

    Would I be a bad person if I were to suggest that this would be a perfect time to upsell Time Capsules to worried Snow Leopard customers?

    1. Re:Oh. by Anonymous Coward · · Score: 5, Funny

      Yes, yes, you would. Because there's an issue with Time Capsule power supplies crapping out ;-)

    2. Re:Oh. by Kamokazi · · Score: 4, Informative

      That may not be a very good idea either...

      --
      As our way of thanking you for your positive contributions to Slashdot, you are eligible to disable Slashdot 2.0.
    3. Re:Oh. by fuzzyfuzzyfungus · · Score: 4, Interesting

      For a while, at any rate, dell was bundling a year or two of some online backup service with their systems, I don't remember which one, nor could I find any reference to it on their site just now.

      What surprises me is that MS hasn't done much in the area(unless you are willing to go all the way to Windows Home Server). Architecturally, Volume Shadow Copy is abundantly powerful and has been available since before Time Machine even hit the scene; but you certainly wouldn't know about it from looking at any of the advertising, documentation, or spec sheets for non-server Microsoft OSes.

    4. Re:Oh. by reSonans · · Score: 4, Interesting

      I know you're kidding, but Time Capsule has been upsold in the past for a similar reason.

      Remember Backup.app from the .Mac suite? It was touted as a complete remote backup solution for a couple of years, until Apple changed their tune in Knowledge Base articles and began describing it as a modest service intended for browser bookmarks and user settings. The reason? Restoring files was prone to data loss.

      Time Capsule + Time Machine appeared shortly thereafter, and Apple made a big, intentional splash about how this particular hardware and software combination will keep your data safe.

      --
      Light the blue touch-paper and retire immediately.
    5. Re:Oh. by causality · · Score: 4, Funny

      There's an article [gizmodo.com] claiming that users of time capsules [timecapsuledead.org] have a lifespan of 17 months and 17 days.

      So people who use that software only live less than a year and a half afterwards? Now THAT is some malware...

      --
      It is a miracle that curiosity survives formal education. - Einstein
    6. Re:Oh. by moon3 · · Score: 4, Funny

      Great marketing, let me tell you, our Apple drones are so upset over this, they are planing to buy another Mac, just in case one got erased.

    7. Re:Oh. by Charles+Dodgeson · · Score: 5, Informative

      our Apple drones are so upset over this, they are planing to buy another Mac, just in case one got erased.

      That's me!

      As an Apple fanboy, I find this bug very embarrassing. From what I read, I do fall into the "very small number of users" that this bug could catch. That is, I've had a guest account before upgrading to Snow Leopard. I guess that I've never been hit by this because I've never logged out of the guest account and then logged in to an admin account. In fact, the guest account and the admin account are both very rarely used. (My account is a "regular" account.)

      The only reason that I've enabled the Guest account is because my Macs (that's plural, so you see I really am a fanboy) have a "phone home" system in case of theft. And I figure that having a guest account will allow the thing, if stolen, to stay in use longer before getting wiped.

      As for back-ups, I don't really think the Time Capsule is something I'd recommend to most users. Instead just use Time Machine with an external drive. I do think that Apple should be given lots of credit for Time Machine. It really makes back-ups so easy there is no excuse for anyone not to make back-ups.

      --
      Prime numbers are exactly what Alan Greenspan says they are -S. Minsky
    8. Re:Oh. by Tobenisstinky · · Score: 4, Funny

      The evolution of language is a female dog?

      --
      wha'? where am i?
  2. Hi, I'm a Mac! by joocemann · · Score: 5, Funny

    ... and I'm prone to alzheimers!

    1. Re:Hi, I'm a Mac! by fuzzyfuzzyfungus · · Score: 5, Funny

      I have heard strange legends, from the lands beyond civilization, were barbarous beast-men devour one another, of places where there are more people than there are computers. Apparently, they are sometimes forced to share computers....

  3. A big thank by Anonymous Coward · · Score: 5, Funny

    to all early adopters for beta testing Snow Leopard for me.

  4. Hi, I'm a Mac! by langelgjm · · Score: 5, Funny

    ... and I'm prone to alzheimers!

    --
    "Anyone who [rips a CD] is probably engaging in copyright infringement." - David O. Carson
  5. Re:I don't want to feed the trolls but... by gilgoomesh · · Score: 5, Informative

    As far as I can tell, from reading this on other sites, the reproduction involves:

    * Machine that was upgraded from Leopard to Snow Leopard
    * Already had the Guest account enabled on Leopard.
    * Logs into Guest account (not a remote login but a local, physical login)
    * Is hard-booted (after crash, power failure, or power button) from Guest account back into Admin account.

    Despite a combination of these steps, people are finding it hard to reproduce. So it's the sort of issue that could fall through the QA cracks.

  6. Hi, I'm a Mac! by bughunter · · Score: 5, Funny

    ... and I'm, uhh... who are you again?

    --
    I can see the fnords!
  7. Re:Apple.... by cjfs · · Score: 5, Insightful

    Well since the only apparent critics are anon cowards I'll just assume that they are all MS fan boys out to get their cockroach bites while the getting is good.

    I don't think it takes a Microsoft fan boy to be critical of a production OS bug that results in complete data loss.

  8. Re:Apple.... by Anonymous+Psychopath · · Score: 5, Insightful

    I'm not a fanboi of any particular OS and use all the major ones at home (Win7, Macbook Pro, Ubuntu, Debian, BSD, etc.). They're just tools and they all have their strengths and weaknesses.

    But this is a serious bug, and based on the past I'm certain there would be many posts from smug Apple fanbois if it had been a Windows bug. I don't use my Guest account either, but that doesn't mean it would have sucked major ass if I had lost all my data because I did. The user could not possibly predict that just using the Guest account would incur this kind of risk.

    It doesn't make sense to be an apologist. I cannot understand why Apple seems to get a free pass from their user community when this sort of thing happens to them. It's not enough to point out that the other developers have problems, too. Get pissed off and help them be better next time.

    --

    Eagles may soar, but weasels don't get sucked into jet engines.

  9. Re:This is a bad bug, yes, but... by Huntr · · Score: 5, Insightful

    I'm not one for the holy wars and I hate to sound like I'm defending Microsoft, but if this happened in Windows, people would be at their door with pitchforks and torches. For sure, no one would be admonishing the users.

    See ya, karma. :(

  10. Re:Apple.... by cjfs · · Score: 5, Insightful

    I cannot understand why Apple seems to get a free pass from their user community when this sort of thing happens to them..

    Never underestimate the power of shiny.

  11. Re:Mac OS stole naming convention by Ethanol-fueled · · Score: 5, Funny

    Leopard and Snow leopard are like Metallica's Load and Re-load: you know it's gonna suck when they start running out of names. I wouldn't be surprised if they named 10.7 "Def Leopard".

  12. Well.. by Anonymous Coward · · Score: 5, Funny

    They did say that Snow Leopard frees up an extra 7GB for you...

  13. Oh man. Nightmare. by istartedi · · Score: 5, Insightful

    If one thing has been burned into my brain as a programmer, it's this:

    Crash all you want, but never, ever, ever harm, corrupt and by all that's holy, NEVER delete the user's data.

    The data is sacred. The data is life.

    --
    For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
  14. Ha-ha Windows users by HangingChad · · Score: 4, Funny

    We can't get a virus or trojans or....hey, where did my data go?

    --
    That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
  15. Re:I don't want to feed the trolls but... by CAIMLAS · · Score: 5, Insightful

    I'm sorry, but there's no way this should've fallen through QA cracks, because it should not have made it to QA in the first place. This kind of thing should never have been possible in the first place due to a clear segregation of permissions between "Admin" and everything else - particularly "guest".

    The fact that this is even possible suggests a much deeper flaw in the security mechanisms of OS X.

    --
    ~/ssh slashdot.org ssh: connect to host slashdot.org port 22: too many beers
  16. Re:Mac OS stole naming convention by maugle · · Score: 4, Funny

    I'm waiting for OSX 10.14 ("Common Housecat").

  17. Can you take legal action? by HockeyPuck · · Score: 5, Insightful

    When will software/computer/IT companies be held to the same standards that other engineers (Civil, Electrical, Mechanical) are? If a bridge is built and it collapses due to a poor design, or a gadget catches fire or brakes are poorly designed, people head to their local courthouse and sue.

    In the computer world, people just accept that "All my photographs, resume, music, documents, tax returns, whatever" being lost forever is par for the course.

    How do you measure the value of data? You can't assign $/KB of data, as one couldn't equate a 20MB Stephen King unpublished manuscript to be equivalent to 4 hi-res pictures of my wife's flower garden. However, I'm not a fan or Stephen King, but my wife loves her flower garden.

    Should computers (or electric devices in general) with persistent storage carry a huge warning label on them that says,

    "Not guaranteed to maintain data integrity, always back up your data. Use at your own risk."

    1. Re:Can you take legal action? by raddan · · Score: 4, Insightful

      Software is held to the same standards, but you're comparing apples and oranges. Bridges and gadgets catching fire can kill you. Your wife losing a few photos is regrettable, but... come on.

      There is software which can kill you if it malfunctions. Avionics software (which spawned all kinds of guidelines, laws, and specialized programming languages), industrial control software, power network software, and so on. I assure you that people can be sued over poor design in these areas.

    2. Re:Can you take legal action? by slamb · · Score: 4, Insightful

      When will software/computer/IT companies be held to the same standards that other engineers (Civil, Electrical, Mechanical) are? If a bridge is built and it collapses due to a poor design, or a gadget catches fire or brakes are poorly designed, people head to their local courthouse and sue.

      When consumers are willing to wait (much) longer, pay (much) more, and/or get (much) less powerful software for the "not warranted for any particular purpose" to be removed from the license text. Don't hold your breath.

      It's entirely possible to make software that is rock-solid and that people will legally stand behind. But something has to be sacrificed to do so, and I don't imagine consumers will want that trade-off any time soon for the software on their desktop. Rather, people just complain about software developers not taking responsibility without really understanding what that would mean. It's like the old adage - good, fast, cheap, pick any two (if you're lucky). Unless the developers are just incompetent (which theoretically in non-monopolies the market will correct), it's hard to improve in one way without sacrificing something else. Software development is cumulative, so there's some hope of improvement over time - essentially you can mitigate the sacrifice of development speed through reuse - but that only takes you so far.

      Should computers (or electric devices in general) with persistent storage carry a huge warning label on them that says,

      What difference would it make? I think that it's common knowledge that you should take backups. Would putting that in warning label form make it more likely for people to actually do so?

    3. Re:Can you take legal action? by SoupIsGoodFood_42 · · Score: 4, Insightful

      When will software/computer/IT companies be held to the same standards that other engineers (Civil, Electrical, Mechanical) are?

      When you start paying $100,000 for an operating system?

  18. The cloud! by Gudeldar · · Score: 4, Funny

    If their data had been in the cloud this wouldn't have ... oh damn never mind.

  19. Re:Oh man. Nightmare. by zippthorne · · Score: 5, Interesting

    Yeah, they're definitely doing the guest user account wrong. They should be using tmpfs (or whatever OS X equivalent is) for the guest account. Then they don't have to delete anything, it disappears automatically.

    I used to use tmpfs for guest accounts on my ubuntu box for just that reason. That along with encrypted swap files with random keys generated on loading makes "deleting guest data" irrelevant (and lets you resize the temporary device on the fly arbitrarily high by adding more swap if you realize you're going to exceed your available physical ram or allotted space)

    You can populate the guest dir from a new-user template, or use unionfs type dealies.

    What I did was probably all wrong, but my point remains that you shouldn't have to delete stuff when you're done with the guest account. At the most, you should only have to forget a temporary encryption key, which ought to happen automagically in the event of a hard reboot.

    --
    Can you be Even More Awesome?!
  20. Re:I don't want to feed the trolls but... by davek · · Score: 5, Insightful

    I'm sorry, but there's no way this should've fallen through QA cracks, because it should not have made it to QA in the first place....

    So your solution to software quality problems is "don't make mistakes in the first place."? Have you ever released a production-level application before?

    --
    6th Street Radio @ddombrowsky