Wednesday, March 5, 2014

A goto fails the iPhone

Apple released iOS version 7.0.6 last week. The update was to patch a security issue in its implementation of SSL (Secure Socket Layer) Encryption, the method by which the internet protects itself against eaves dropping. Companies usually provide details of security flaws, the nature of the vulnerability and how attackers exploit it, along with the patch that eliminates the vulnerability. Apple did none of these things, which led Security Experts to wonder about the exact problem. And when it came out, it stunned them. Some software bugs are infinitely subtle and complicated. Others are comprehensible almost at a glance to anyone who dabbled in BASIC as a kid. The iOS 7 bug is in the latter group.


The problem: a goto statement – a programming mistake that even newbie programmers avoid.

0 comments: