* Posts by christiaanbrand

1 publicly visible post • joined 22 Feb 2014

Update your iThings NOW: Apple splats scary SSL snooping bug in iOS

christiaanbrand

IP address say whotttt?

This explanation about what the flaw entails makes absolutely no sense to me. SSL validation has got no bearing on the IP address of the host. And if they've just simply turned off CN validation (which is what everything's pointing to at the moment) for all iOS-handled SSL connections, they should get sued for gross negligence.

We've been advocating using your own SSL channel (such as what Chrome uses on iOS) for years, especially if the data you're sending can be misused for financial gain. Having the OS handle cryptography is simply a bad idea.