Isn't that discredited by Apple's "goto fail" bug? A critical function was mista... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

alextgordon on Feb 28, 2016 | parent | context | favorite | on: Most software already has a “golden key” backdoor:...

Isn't that discredited by Apple's "goto fail" bug? A critical function was mistakenly circumvented in an extremely transparent way, and yet the source code sat on their website for a long time without anybody noticing. Nobody even ran coverity on it.

fleshweasel on Feb 28, 2016 [–]

goto fail was in OpenSSL which many organizations use, but your point still stands.

stouset on Feb 28, 2016 | [–]

No, this was a bug in SecureTransport, Apple's custom TLS implementation.

fleshweasel on Feb 29, 2016 | | [–]

Oops. You're right. Sorry.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact