ZDnet broke a story about a critical error in macOS 10.13.0, 10.13.1 (current), and 10.13.2 Beta. The issue is that the system allows login of the “root” user, with no password. Simply wake up the Mac, go to the logon screen, and select “Other User”. Enter a username of “root” with a blank password.
Enjoy the ownership of a new Mac; no special hacker skills needed. The ZDnet article is here:
http://www.zdnet.com/article/stupid-stupid-macos-security-flaw/
Apple released new patches today, 11/29/2017 to fix this issue. This applies to the current macOS release, 10.13.1. This is fourth password-related flaws since the High Sierra release in September 2017.
For Apple enthusiasts, note that this is a security bug that doesn’t necessarily affected privacy.
Security is not the same as Privacy.