- The Allure of Medical Magnets and Other Unproven ‘Cures’
- 10 College Majors You May Regret Choosing
- Should the Knee Defender Be Allowed on Airline Flights?
- Wireless Carriers Duke It Out With Unlimited Data Plans
- You Won’t Believe What Hotels Are Charging for Now
- Ask Stacy: Will the $16.65B Bank of America Settlement Help Me With My Mortgage?
- Is Your Online Love Interest Putting Your Money at Risk?
- Rent Is Higher Than Ever in Most US Metro Areas
It was a long four days for Mac users waiting for Apple Inc. to issue a fix for a critical security flaw in Macintosh computers.
The security bug, dubbed “gotofail,” left users vulnerable to account hijacking and potential eavesdropping, CNET says.
The OS X computer operating software fix issued on Tuesday follows an iOS fix issued for iPhones last week.
That caused many to wonder: What the heck took so long? And how about a detailed explanation?
“Instead, it’s been left to journalists … and outside security researchers … to explain what’s happening in blog posts as well as tweet advice out to alarmed Macheads lucky enough to be on Twitter to see it,” Kashmir Hill wrote on Forbes.
By not releasing the iOS and OS X fixes simultaneously, Apple left laptop and desktop users vulnerable during that time — and security experts aghast at the company’s delays. Ryan Lackey, a longtime Apple user who founded CryptoSeal, said on Twitter yesterday that: “Whoever at Apple decided to wait 4+ days for 10.9.2 to patch the OSX vulnerability needs to no longer be in that position.”
How long has this flaw been around? Apple’s not answering that either. Says Reuters:
Researchers have said the bug could have been present for months. Apple has not said when or how it learned about the flaw in the way iOS handles sessions, in what are known as secure sockets layer (SSL) or transport layer security. Nor has it said whether the flaw was being exploited.
Are you an Apple user? What do you think of Apple’s response to the security flaws? Share your comments below or on our Facebook page.