[opensource-dev] macOS 10.14 deprecation of OpenGL, what does this mean for SL?
kadah.coba at gmail.com
Wed Jun 6 15:25:50 PDT 2018
Exactly. Apple just didn't tell us they were doing that and went to full
disabled instead of starting with warnings like what browser and other
apps did for a short while before defaulting to disabled. What didn't
help is that Apple's disabled didn't work properly with their own apps
as those would often still try to use SSLv3 instead of TLS when TLS was
available, that was issue. lol
Over the years, I've dealt with Apple suddenly changing or
"unsupporting" something and having all my Apple users at work unable to
do or use some app anymore. Apple has gotten a bit better at this,
having only done it every other year instead of several per.
On 6/5/2018 5:43 PM, Cinder Roxley wrote:
> SSLv3 was disabled because it’s exploitable!
> On June 5, 2018 at 4:05:36 PM, Kadah Coba (kadah.coba at gmail.com
> <mailto:kadah.coba at gmail.com>) wrote:
>> On 6/4/2018 10:41 PM, Dahlia Trimble wrote:
>> > I can't believe that Apple will remove an API that so many
>> > applications use.
>> I've seen Apple do worse in the past with less warning.
>> Apple disabled SSLv3 by default in iOS 9 and an OSX update (maybe around
>> 10.11, can't remember) without warning. This would have been fine since
>> any updated server would also support TLS, except Apple screwed up
>> somewhere and many Apple apps, like Mail, would still attempt to connect
>> using SSLv3 but then fail with a typically Apple style unhelpful error
>> when the OS doesn't allow it to use SSLv3 because the app's plist config
>> doesn't allow for an exception.
>> I got around this by disabling SSLv3 and enforcing TLS only, which
>> flagged dayed email for Apple users. Before I did that, if they updated
>> to iOS9, they couldn't get email; after I made the changes, they
>> required iOS9, and likely an account delete and readd on their phone
>> because Apple.
>> Policies and (un)subscribe information available here:
>> Please read the policies before posting to keep unmoderated posting
> Policies and (un)subscribe information available here:
> Please read the policies before posting to keep unmoderated posting privileges
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the opensource-dev