OpenSSL

Two 'OpenSSL' stories April 2014

Strange bug has stopped some streaming video apps from playing content

As noted by the BBC, some video apps on iOS have inexplicably stopped working today. Videos simply fail to stream, resulting in error messages like the one shown above. The cause of the issue is still unclear, but the bug is affecting multiple high-profile apps in the UK such as BBC iPlayer and Sky Go. Whether the issue is more widespread is not yet known.

It is unknown whether the bug is an issue with Apple’s software or with the third-party app developers. However, as both independent services have failed on the same day it seems like the problem lies with iOS itself. Setting the date on your iPhone or iPad to the past will make videos play again, which suggests the error may be related to expired digital certificates.

Apple says Heartbleed security flaw did not affect its software or services

With an estimated half a million sites vulnerable to the “Heartbleed” vulnerability revealed earlier this week, which allows an attacker to access user details of websites previously believed to be secured by industry-standard SSL/TLS, your favorite social networks, stores, and other services around the web could potentially be handing out your password or other personal information to anyone who exploits the issue.

The bug exists in a library called OpenSSL, which is an open-source SSL implementation that many—but not all—web services use to secure sensitive traffic. If a website you use is affected by the bug, your personal data could be given to just about anyone. Unfortunately, changing your password on an unsecure site won’t even help unless the site’s owners have installed a fix (because the attackers can simply exploit the bug again to get your new password).

This serious issue affects a number of high-profile sites, but it seems your Apple ID is safe. Today, Apple gave the following statement to Re/code:

Expand
Expanding
Close