Anatomy of a “goto fail” – Apple's SSL bug explained, plus an …

Anatomy of a “goto fail” – Apple's SSL bug explained, plus an …

Apple just patched an SSL/TLS bug in iOS – but the flaw is not yet fixed in OS X. Paul Ducklin comes to the rescue with explanations, mitigations, and even an unofficial patch! (For educational purposes only, you understand.) If a rogue developer, that's a pretty strange way to insert your little bug, instead of trying to do some remote code executes or backdoors. And it's something that even basic code reviews should pick up on. If a mistake and code reviews missed it, 

5
Like
Save

Comments

Write a comment

*