“In 2011, Apple told its developers that it would be deprecating OS X’s Common Data Security Architecture including OpenSSL, describing it as an outdated relic of the late 1990s,” Daniel Eran Dilger reports for AppleInsider. “Nearly three years later, OpenSSL was hit by a severe flaw that affected a wide swath of vendors and their users, but not Apple.”
“When it announced plans to deprecate OpenSSL in June 2011, Apple wasn’t aware of the Heartbleed flaw because it didn’t yet exist,” Dilger reports. “However, the company was aware of other problems with OpenSSL (libcrypto), a security toolkit Apple began using within the Common Data Security Architecture more than a decade ago.”
Much more in the full article here.
[Thanks to MacDailyNews Reader “Dan K.” for the heads up.]