Among other things, Mac, iPhone, and iPad user Rush Limbaugh on Tuesday discussed Apple and the company’s ‘GotoFail’ security flaw.
The 3-hour Rush Limbaugh Show airs daily on a network of approximately 590 AM and FM affiliate stations. The program is also broadcast worldwide on the U.S. Armed Forces Radio Network.
From the live on-air transcript:
Here it is, in a nutshell, folks. It’s not time to panic. There’s so much media on it. In the tech media and in the standard news media: Think of Apple as the Republicans. They’re despised and they’re hated.
The only difference is, Apple is number one and very successful and knows exactly what they’re doing. The Republicans don’t. There’s no comparison between Apple and Republicans in terms of achievement, accomplishment, but in terms of being hated and despised, they’re very close. What this security flaw is — and it primarily would affect you if you’re on a public Wi-Fi network, like at an airport or a Starbucks or any other kind of Internet cafe.
If you are on your home network, make sure it’s password protected, but even then, nobody’s gonna target your home network. They can’t get to it. It’s too small. Don’t worry about hackers… Your biggest vulnerability is on a [public] network, and what’s happened is, there is a line of code that doesn’t exist that enables… It’s called a man-in-the-middle attack.
The way to visualize this is you’re in Starbucks and you’re on your Mac, and you’re using the Web browser Safari, and there’s a hacker in there, and he’s able to follow everything you do. That’s the security flaw. Therefore, if you go online to pay a bill, the hacker sees your data and everything you need to get online and connect to your bank. Now, there are no reports of this exploit having been used yet. It’s not easy to do. The hacker would have to be extremely proficient.
That is the simplest way to explain it…
You can use the Chrome or Firefox browsers. They are not vulnerable. So this vulnerability existed on iPhones and iPads, and that was patched on Friday afternoon. They’re now secure. The media is scratching its head over why Apple has not patched the Mac OS X… Apple’s getting a lot of grief for not making a big deal out of this. They sent the software patch for the iPhones and the iPads out on Friday at four o’clock in the afternoon when nobody notices anything. I actually think that it was wise for Apple not to make a big to-do about this because all that would have done would have been waving a big, white flag or red flag to the bull, to the hackers, to have been trumpeting some vulnerability. I think they played it just right. Besides, the media’s gonna do that anyway, which they are in the process of doing. Which is why I wanted to bring a little bit of proportion and reason to it.
Much more in the full transcript here.
MacDailyNews Note: The flaw has been fixed with the release of OS X 10.9.2 a few hours ago. More info: Apple releases OS X Mavericks 10.9.2
Related articles:
Apple fixes OS X ‘GotoFail’ security flaw after four days of snowballing criticism – February 25, 2014
Apple releases OS X Mavericks 10.9.2 – February 25, 2014
Apple on OS X ‘GotoFail’ flaw: – February 25, 2014
Security expert captures all SSL traffic via Apple’s OS X ‘GotoFail’ flaw – February 25, 2014
Apple’s deafening silence on ‘GotoFail’ security flaw – February 24, 2014
8 ways to stay safe online while Apple works to fix ‘Gotofail’ flaw – February 24, 2014
Reasons for delay in SSL fix to OS X unclear as a single line of code found responsible – February 24, 2014
Single line of code, but still no fix; former Apple security engineer Paget to Apple: ‘FIX. YOUR. SHIT.’ – February 24, 2014
Apple promises to fix OS X encryption flaw ‘very soon’ – February 23, 2014
Behind iPhone’s critical ‘GotoFail’ security bug, a single bad, really bad ‘goto’ – February 22, 2014
Protect a Mac from the SSL / TLS security bug (until fix arrives) – February 22, 2014
