Question for Mac devs re Heartbleed

I’ve been writing about Heartbleed on the home page of Scripting News today.

I have a question for Mac developers. If you are creating an app that uses SSL, do you implement it yourself or do you call a system routine?

I’m sure you see what I’m getting at. If you’re a developer that depends on an operating system vendor’s implementation of SSL, and they’re taking time to update it, does that leave your services open?

I’m asking about the Mac because I use Macs. I’m wondering for example if Dropbox has a security issue because the Mac has one. And Chrome, and whatever else I’m using that communicates securely with a server.

I’m also guessing that Google has their systems secured because they were the ones who initially reported the vulnerability.


About Dave Winer

Dave Winer, 54, pioneered the development of weblogs, syndication (RSS), podcasting, outlining, and web content management software; former contributing editor at Wired Magazine, research fellow at Harvard Law School, entrepreneur, and investor in web media companies. A native New Yorker, he received a Master's in Computer Science from the University of Wisconsin, a Bachelor's in Mathematics from Tulane University and currently lives in Berkeley, California.
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s