Apple and the SSL/TLS bug: Open questions | Apple, Mac, iOS4, iPad, iPhone and (in)security... | Scoop.it
[UPDATE] It says something about Apple's priorities that they fixed the iOS version of a very serious bug but left Mac users conspicuously vulnerable.


The SSL bug Apple patched on iOS on Friday is a shocking and embarrassing one. That it appears to have been in both iOS and OS X for some time and the way Apple is addressing it show both that Apple knows how serious it is and that Mac users play second fiddle in Apple's orchestra. 

Apple has only released a patch for iOS, not OS X.


Make no mistake about it, this is a very serious bug. The bug makes it fairly straightforward to intercept and decrypt SSL/TLS communications, probably the most important security protocol there is today.


Any time you see Apple (or really any major vendor) release an update that fixes a single bug, you can be sure it's a high-priority bug. And there's no reason to believe that it's higher-priority for iOS users than for Mac users.


So why did they not fix OS X at the same time? Because OS X isn't top priority anymore.