Posted: . At: 11:53 AM. This was 10 years ago. Post ID: 7008

Thoughts on the new Apple SSL vulnerability.

The new Apple SSL vulnerability is a concerning bug in Apple's iOS and Macintosh desktop operating systems. It allows SSL spoofing, because a faked SSL server can pass as a real one. Apparently it uses ports 1266 & 1267; if you block these with your firewall, this should alleviate the threat if you are running a vulnerable Macintosh operating system. I am testing this on OSX 10.8.5, but since I am behind a proxy, the test site at https://gotofail.com/# does not work properly, negating the test. The firewall is blocking the aforementioned ports. But this needs to be fixed properly by Apple. Bugs like this can hurt the image of Apple and their operating system.

There is a patch available for Apple OSX Mavericks. This patch should be installed as soon as possible to protect your system. Get some information about this patch here: http://support.apple.com/kb/HT6150. There are also official Apple iOS updates that protect against this vulnerability. Get them here: http://support.apple.com/kb/HT6147.

I am using an iMac right now to write this blog post. The mouse with the tiny ball scroll “wheel” takes some getting used to, but you can right-click after all. And you have to press Command-V to paste text instead of Ctrl-V. The lovely 1080p screen makes up for any other shortcomings, and you have access to a UNIX shell with the terminal app.

Here is the shell that you use.

Admins-iMac-166:~ admin$ echo $SHELL
/bin/bash

And here is the OSX 10.8.5 kernel version.

Admins-iMac-166:~ admin$ uname -a
Darwin Admins-iMac-166.local 12.5.0 Darwin Kernel Version 12.5.0: Mon Jul 29 16:33:49 PDT 2013; root:xnu-2050.48.11~1/RELEASE_X86_64 x86_64

There are not that many commands available for the Apple terminal. The wget command is not available, but the ifconfig command works as usual.

Admins-iMac-166:~ admin$ ifconfig en1
en1: flags=8863 mtu 1500
	ether 00:1f:5b:c4:0e:b4 
	inet6 fe80::21f:5bff:fec4:eb4%en1 prefixlen 64 scopeid 0x5 
	inet 172.29.59.165 netmask 0xffffff00 broadcast 172.29.59.255
	media: autoselect
	status: active

So, with the patch applied, a Macintosh computer can be safe to use on the web again. Just be sure to use the test website link to test your SSL implementation.
