Get Started for FREE
Sign up with Facebook Sign up with X
I don't have a Facebook or a X account
 Your new post is loading...
Your new post is loading...
Scoop.it!
Apple has released an update for OS X that, among other things, patches the infamous "gotofail" bug whose existence was publicly revealed last Friday. 
No comment yet.
Sign up to comment
Scoop.it!
Apple has just issued OS X Mavericks version 10.9.2, fixing the same serious SSL security hole that they patched for iPhone and iPad users at the end of last week.
Gust MEES's insight:
Scoop.it!
[UPDATE] It says something about Apple's priorities that they fixed the iOS version of a very serious bug but left Mac users conspicuously vulnerable. The SSL bug Apple patched on iOS on Friday is a shocking and embarrassing one. That it appears to have been in both iOS and OS X for some time and the way Apple is addressing it show both that Apple knows how serious it is and that Mac users play second fiddle in Apple's orchestra. Apple has only released a patch for iOS, not OS X. Make no mistake about it, this is a very serious bug. The bug makes it fairly straightforward to intercept and decrypt SSL/TLS communications, probably the most important security protocol there is today. Any time you see Apple (or really any major vendor) release an update that fixes a single bug, you can be sure it's a high-priority bug. And there's no reason to believe that it's higher-priority for iOS users than for Mac users. So why did they not fix OS X at the same time? Because OS X isn't top priority anymore.
Gust MEES's insight:
Scoop.it!
If it wasn't yet clear to Apple that its 'gotofail' security flaw has the undivided attention of the information security industry, one of its own recently departed star engineers just spelled out the severity of that bug in highly profane terms. "WHAT THE EVER LOVING F**K, APPLE??!?!!" wrote former Apple security [...] Paget, a well-regarded researcher who left her position on Apple’s security team for a job at Tesla just earlier this month, wrote perhaps the most scathing critique yet of the company’s security response to its “gotofail” bug, which would allow a wide array of Apple programs’ SSL-encrypted communications to be hijacked, eavesdropped or corrupted. The vulnerability, which earned its nickname due to being caused by a single misplaced “goto” command in Apple’s code, was patched Friday for iOS. But researchers quickly found that it affected Apple’s desktop OSX software as well, ===> and the company has yet to fix the desktop version of the bug. <===
Gust MEES's insight:
Scoop.it!
Wer mit iPhone oder iPad vermeintlich verschlüsselte Nachrichten verschickt, könnte laut Apple zum Opfer von Hackern werden. Beheben soll das Problem ein Sicherheits-Update. ===> Doch Experten zufolge schützt es nicht alle Betroffenen. <===
Gust MEES's insight:
|
Scoop.it!
Apple est finalement parvenu à corriger la faille de sécurité majeure qui a touché ses systèmes d'exploitation
Gust MEES's insight:
Scoop.it!
Apple's Mail, FaceTime, Calendar, Safari browser and Software Update could be vulnerable, a researcher said.
Gust MEES's insight:
Scoop.it!
Besitzer eines iPhones, iPads oder eines iPod Touch sollten sofort ein wichtiges Sicherheits-Update installieren. Ihre verschlüsselten Verbindungen können gehackt werden. Für MacOS-Nutzer gibt es noch keinen Patch.
Gust MEES's insight:
Scoop.it!
Apple has quietly pushed out a security update to iOS, the operating system used by its flagship iPhone and iPad products. ===> A shame then that Mac OS X doesn't yet have a patch... <===
Gust MEES's insight:
Scoop.it!
The tech giant fixes a security problem in iOS that affected encrypted connections. Apple on Friday released the latest update of its mobile operating system. It's of note because it fixes an SSL connection issue, an important encryption vulnerability. SSL, or Secure Sockets Layer, is one of the most basic forms of encrypting Internet traffic. Without it, almost anybody can see what you're doing online. According to Apple's fulldescription of the update, the software previously had problems validating the authenticity of the connection, and the software fix restores steps that were missing in the validation process.
Gust MEES's insight:
|
Learn more:
- http://www.scoop.it/t/apple-mac-ios4-ipad-iphone-and-in-security/?tag=gotofail