Anatomy of a “goto fail” – Apple’s SSL bug explained, plus an unofficial patch for OS X!

Apple just patched an SSL/TLS bug in iOS – but the flaw is not yet fixed in OS X. Paul Ducklin comes to the rescue with explanations, mitigations, and even an unofficial patch! (For educational purposes only, you understand.)
Naked Security – Sophos