The dangers behind Apple’s epic security flaw

Apple’s SSL bug first reared its head on Friday, when a mysterious, urgent update began pouring out to iOS devices. From there, the news just got worse. It wasn’t just an iOS bug, but a problem in Apple’s SecureTransport platform, present in OS X 10.9 for desktop and reaching back to iOS 6 on mobile. As of press time, it’s still unpatched on the Mac, although company reps say they are aware of the issue and “already have a software fix that will be released very soon.” In a quote that was repeated over and over this weekend, Johns Hopkins cryptographer Matthew Green tweeted about the vulnerability, “It’s seriously exploitable and not yet under control.” So how bad is it, really?

Continue reading…

The Verge – All Posts

Leave a Comment