> Why has this been made public before a fix has been properly rolled out everywhere?
It looks like apple has had over 400 days to fix this. That's already more time than I'd have given them. It's far better that apple users are told what their risks are than to just leave apple users ignorant of the danger for another year+ by not saying anything while praying that nobody else is already aware of the flaw and quietly exploiting this.
I'm all for giving companies time to fix their bugs, but at a certain point it becomes more irresponsible to not inform the people impacted.
It looks like apple has had over 400 days to fix this. That's already more time than I'd have given them. It's far better that apple users are told what their risks are than to just leave apple users ignorant of the danger for another year+ by not saying anything while praying that nobody else is already aware of the flaw and quietly exploiting this.
I'm all for giving companies time to fix their bugs, but at a certain point it becomes more irresponsible to not inform the people impacted.