Q: How long is it going to take Apple to prepare an update to sort out this latest security threat? They appear to have known about it since early January and have not yet done anything to increase the secutiry for Mavericks users.

Soon.

10.9.2, I suspect.

We don't know, being just fellow users. All Apple's said is "very soon".  For now, you can avoid the largest part of the risk by just using Firefox or Chrome instead of Safari.

http://www.macworld.com/article/2099987/what-you-need-to-know-about-apples-ssl-b ug.html

Regards.

It really is kind of crappy. I get it iOS first but this is starting to go on way to long for the kind of problem this is.

Dont get me wrong the last thing we need is for apple to rush a fix out only to bust other things because it was not properly tested. Bottom line though we need this patch NOW.

If you want to send a message to Apple, this is not the right forum. Apple doesn't read it.

To tell Apple to get this fixed, use Apple's feedback page: https://www.apple.com/feedback/macosx.html

But don't just complain, send a message. When you submit your feedback to the above secure site, you need to make sure it is really going to Apple. And of course, the only way to do that on Mavericks right now is to use Google Chrome.

I agree, but there's no point in complaining to us here about it. We are all just fellow users and don't work for Apple and therefore can't do one thing to get the update to you more quickly. I'm sure Apple is working on it, but if you want to comment to them, use the feedback page.

Like any large company, Apple released the update affecting the largest number of users first...the iOS community.  The Mac OS X update will follow, but that gets a little more complex and may take a little longer to sort out...the Mac OS X community has many more browser options and communication options that have to be gotten right before a patch can be released.

Meanwhile Opera 12.15 is a good browser to use on the Mac until the situation is repaired.  Other Apple Apps though are equally affected that aren't web browsers but depend on internet passwords.

I'm not too sure about Firefox since http://www.gotofail.com/ at least on some versions consider it insecure even though they believe it to be secure.  Not sure why.

If your Mac is older than Mavericks release, you can install 10.8 on an external drive until the issue has resolved itself.   Alternatively, 10.6.8 Server is not affected either, though it may not be as compatible with the latest Java, but at least it presumably can be installed on any system with Parallels virtualization in place, regardless of what newer Mac OS X might have been prebundled.

https://discussions.apple.com/docs/DOC-2295#ROSETTALION

In the mean time, you might want to switch to Firefox for web browsing, since that seems to be immune to the SSL issue.

Firefox is not.  Try http://www.gotofail.com/

Some versions are succeptable.

And as the warning says applications such as Mail, Addressbook, Calendar, iTunes are all succeptable if they access password based SSL security.

Hi Carysan. As we are all aware there is an issue with the Mavericks security. However, this is ONLY on public wifi networks. Please keep you eye on software updates as there will be an update available in the near future.

a brody wrote:

 

Firefox is not.  Try http://www.gotofail.com/...

I did. Both the current release (v 27.0.1) and the current ESR version pass the test. I'm glad I use them for browsing and Thunderbird for email.