Latest News: Technology |  Celebrity |  Movies |  Apple |  Cars |  Business |  Sports |  TV Shows |  Geek

Trending

Filed under: News | Apple

 

Apple Patches Its 'Gotofail' Security Bug For OSX After Four Days Of Anger

Feb 25 2014, 1:01pm CST | by

1 Updates
Apple Patches Its 'Gotofail' Security Bug For OSX After Four Days Of Anger
 
 

YouTube Videos Comments

Full Story

Apple Patches Its 'Gotofail' Security Bug For OSX After Four Days Of Anger

After a very long four days of snowballing criticism by the security community, Apple has fixed the critical security flaw in its software dubbed “gotofail,” which threatened to allow any untrusted network to disable the encryption on users’ communications.

The patch, released for OSX Tuesday, follows a similar update for iOS last Friday that first alerted security researchers to the bug. That earlier patch was quickly reverse engineered to reveal the source of the flaw–as well as the fact that the vulnerability existed in Apple’s desktop software as well, with no patch available.

A description of the update on Apple’s website makes no mention of the security problem it fixes, instead focusing on updated features of Apple software like Facetime and iMessage. But an email from Apple spokesperson Ryan James adds that the updates also “address the recent SSL encryption issue for both Mavericks and Mountain Lion.”

Apple had taken flak for exposing the critical vulnerability in its own software–which potentially affected Mail, Facetime, iMessage, Software Update and more–and then having no fix immediately available. “Come the hell on, Apple,” wrote one former Apple security engineer in a strongly-worded blog post. “You just dropped an ugly [zero-day vulnerability] on us and then went home for the weekend – goto fail indeed.”

Apple was also criticized for waiting for an update to OSX that included other features rather than pushing out an emergency fix for its security crisis. “Apple should patch #gotofail [encryption] bug as soon as possible, not bundle it in a 10.9.2 release with new features,” wrote Center For Democracy and Technology privacy researcher Runa Sandvik on Twitter.

Despite the growing backlash, Apple issued no warning to users about the flaw in OSX, leaving them to search for workarounds and unofficial patches. Its patch will be a welcome relief to millions of worried users. But the anger from four days of waiting for it with no word from Apple may take longer than four days to dissipate.


Follow me on Twitter , email me, anonymously send me sensitive documents or tips , and check out the new paperback edition of my book, This Machine Kills Secrets: Julian Assange, the Cypherpunks, and Their Fight to Empower Whistleblowers.

Source: Forbes

 

You Might Also Like

Updates


Sponsored Update


Advertisement


More From the Web

Shopping Deals

 
 
 

<a href="/latest_stories/all/all/31" rel="author">Forbes</a>
Forbes is among the most trusted resources for the world's business and investment leaders, providing them the uncompromising commentary, concise analysis, relevant tools and real-time reporting they need to succeed at work, profit from investing and have fun with the rewards of winning.

 

 

Comments

blog comments powered by Disqus

Latest stories

Getty Images
Courteney Cox at 50: 'Friends' star dazzles in smoking-hot bikini
The adorable actress, known for her role in U.S. sitcom, "Friends," is making waves in a 50-is-the-new-21 way.
 
 
George Takei came out because of Arnold Schwarzenegger
George Takei came out because of Arnold Schwarzenegger
Legendary Star Trek actor reveals why he came out. The reason is no other than Terminator actor Arnold Schwarzenegger.
 
 
Miss America 2014 Parade to Feature First Ever 3D Printed Shoes
Miss America 2014 Parade to Feature First Ever 3D Printed Shoes
Thanks to Maggie Bridges and Georgia Tech, we will see the first 3D printed shoes on the stage of the shoe parade
 
 
Vicki Gunvalson Flirting With David Beador
Vicki Gunvalson Flirting With David Beador
The Real Housewives of Orange County star Vicki Gunvalson admitted flirting with "hot" co-star David Beador
 
 
 

About the Geek Mind

The “geek mind” is concerned with more than just the latest iPhone rumors, or which company will win the gaming console wars. I4U is concerned with more than just the latest photo shoot or other celebrity gossip.

The “geek mind” is concerned with life, in all its different forms and facets. The geek mind wants to know about societal and financial issues, both abroad and at home. If a Fortune 500 decides to raise their minimum wage, or any high priority news, the geek mind wants to know. The geek mind wants to know the top teams in the National Football League, or who’s likely to win the NBA Finals this coming year. The geek mind wants to know who the hottest new models are, or whether the newest blockbuster movie is worth seeing. The geek mind wants to know. The geek mind wants—needs—knowledge.

Read more about The Geek Mind.