The Devil Take This Code

by infraredbiped

Ars Technica has the rundown on the crazy iOS and OS X 10.9+ SSL bug that enables brain-dead man-in-the-middle attacks. Apparently it was a cut-n-paste error in Apple’s implementation of SSL… a mistake so trivial that it’s going to give me nightmares.

Seems like Apple, the world’s most valuable company by market capitalization, may not be unit testing critical software libraries before major product releases.

This is what happens, Larry!

This is what happens, Larry, when you find a stranger in the Alps don’t write unit tests!

Advertisements