My takeaway was that the NSA could have been involved in all the above, we just weren't paying as much attention before ;-)
Of course, whether the NSA was involved or not isn't the point of this article. The point is that high severity one-liner bugs have been made before.
I feel partly to blame. Until my comment on HackerNews revealing where the source code was, no one seemed willing to post more details about the bug (based on Twitter posts). But I think it will end well, as more people will pay attention to the code in future. Sadly, Apple has yet to share revised source code for the 10.9.2-shipping security library that I'm aware of.
Of course, whether the NSA was involved or not isn't the point of this article. The point is that high severity one-liner bugs have been made before.
I feel partly to blame. Until my comment on HackerNews revealing where the source code was, no one seemed willing to post more details about the bug (based on Twitter posts). But I think it will end well, as more people will pay attention to the code in future. Sadly, Apple has yet to share revised source code for the 10.9.2-shipping security library that I'm aware of.