Trending

Filed under: News | Apple

 

Apple Patches Its 'Gotofail' Security Bug For OSX After Four Days Of Anger

Feb 25 2014, 1:01pm CST | by

1 Updates
Apple Patches Its 'Gotofail' Security Bug For OSX After Four Days Of Anger
 
 

YouTube Videos Comments

Full Story

Apple Patches Its 'Gotofail' Security Bug For OSX After Four Days Of Anger

After a very long four days of snowballing criticism by the security community, Apple has fixed the critical security flaw in its software dubbed “gotofail,” which threatened to allow any untrusted network to disable the encryption on users’ communications.

The patch, released for OSX Tuesday, follows a similar update for iOS last Friday that first alerted security researchers to the bug. That earlier patch was quickly reverse engineered to reveal the source of the flaw–as well as the fact that the vulnerability existed in Apple’s desktop software as well, with no patch available.

A description of the update on Apple’s website makes no mention of the security problem it fixes, instead focusing on updated features of Apple software like Facetime and iMessage. But an email from Apple spokesperson Ryan James adds that the updates also “address the recent SSL encryption issue for both Mavericks and Mountain Lion.”

Apple had taken flak for exposing the critical vulnerability in its own software–which potentially affected Mail, Facetime, iMessage, Software Update and more–and then having no fix immediately available. “Come the hell on, Apple,” wrote one former Apple security engineer in a strongly-worded blog post. “You just dropped an ugly [zero-day vulnerability] on us and then went home for the weekend – goto fail indeed.”

Apple was also criticized for waiting for an update to OSX that included other features rather than pushing out an emergency fix for its security crisis. “Apple should patch #gotofail [encryption] bug as soon as possible, not bundle it in a 10.9.2 release with new features,” wrote Center For Democracy and Technology privacy researcher Runa Sandvik on Twitter.

Despite the growing backlash, Apple issued no warning to users about the flaw in OSX, leaving them to search for workarounds and unofficial patches. Its patch will be a welcome relief to millions of worried users. But the anger from four days of waiting for it with no word from Apple may take longer than four days to dissipate.


Follow me on Twitter , email me, anonymously send me sensitive documents or tips , and check out the new paperback edition of my book, This Machine Kills Secrets: Julian Assange, the Cypherpunks, and Their Fight to Empower Whistleblowers.

Source: Forbes

 

You Might Also Like

Updates


Sponsored Update


Advertisement


More From the Web

Shopping Deals

 
 
 

<a href="/latest_stories/all/all/31" rel="author">Forbes</a>
Forbes is among the most trusted resources for the world's business and investment leaders, providing them the uncompromising commentary, concise analysis, relevant tools and real-time reporting they need to succeed at work, profit from investing and have fun with the rewards of winning.

 

 

Comments

blog comments powered by Disqus

Latest stories

Brian Williams is Hilarious on The Tonight Show with Jimmy Fallon
Brian Williams is Hilarious on The Tonight Show with Jimmy Fallon
What is even funnier than the Tonight's show fake rap videos of Brian Williams is watching him as guest on the show. Brian Williams was guest on the The Tonight Show Starring Jimmy Fallon this week. Watch the full appearance bowl. It is hilarious. Also watch the latest Brian Williams rap. It is viral with over 6m views.
 
 
Mariah Carey Booked Entire Plane Cabin
Mariah Carey Booked Entire Plane Cabin
Mariah Carey is known for her luxurious lifestyle. Carey recently booked an entire first class air plane cabin for travelling from New York to France at cost of £70,000.
 
 
Orange is the new Black Season 2 Trailer Released
Orange is the new Black Season 2 Trailer Released
The first trailer for season 2 of the Netflix hit series Orange is the new Black has been released. Watch it below.
 
 
Russian Bombers warded off by NATO Forces
Russian Bombers Entered into Dutch, British Airspace
Two Russian bombers that had entered into Dutch and British airspace were warded off by NATO forces.
 
 
 

The Hottest Photos of Victoria's Secret Fashion Show 2013