Hacker News new | ask | show | jobs
by alextgordon 3769 days ago
Isn't that discredited by Apple's "goto fail" bug? A critical function was mistakenly circumvented in an extremely transparent way, and yet the source code sat on their website for a long time without anybody noticing. Nobody even ran coverity on it.
1 comments
fleshweasel 3769 days ago
goto fail was in OpenSSL which many organizations use, but your point still stands.
link
stouset 3769 days ago
No, this was a bug in SecureTransport, Apple's custom TLS implementation.
link
fleshweasel 3769 days ago
Oops. You're right. Sorry.
link