https://truthimperative.axley.net/tags/mobile/Recent content in Mobile on The Truth ImperativeHugoen-usThu, 17 Apr 2014 15:05:00 -0700https://truthimperative.axley.net/2014/04/ios-clients-not-vulnerable-to.htmlThu, 17 Apr 2014 15:05:00 -0700https://truthimperative.axley.net/2014/04/ios-clients-not-vulnerable-to.html<p><img alt="" height="413" id="h-rh-i-0" src="https://truthimperative.axley.net/heartbleed.png" width="341"></p> <p>Apple&rsquo;s language in their assertion that they are not vulnerable to heartbleed on iOS are troubling as they specifically say (via <a href="https://recode.net/2014/04/10/apple-says-ios-osx-and-key-web-services-not-affected-by-heartbleed-security-flaw/">ReCode</a>), &ldquo;IOS and OS X never incorporated the vulnerable software&hellip;&rdquo;  However, not incorporating the vulnerable OpenSSL software is merely one way that their customers could have been made vulnerable.  What about the Apple SSL/TLS implementation?  Has anyone checked it?  Did they incorporate <a href="https://tools.ietf.org/html/rfc6520">RFC 6520</a> for heartbeat support?  I couldn&rsquo;t find anything Google so figured I would share what I found.</p>