Linked by Thom Holwerda on Thu 12th Nov 2015 17:48 UTC
Mac OS X

Mac users faced trouble with their apps overnight after the security certificate Apple uses to prevent piracy expired late on Wednesday.

Applications downloaded from the Mac App Store were temporarily unavailable from 10pm UK time, when a security certificate expired, five years after its creation, with no replacement immediately available.

Even once Apple fixed the error, issuing a new certificate for the apps (with an expiry date of April 2035, this time), users were still faced with problems. Those who could not connect to the internet couldn’t verify the new certificate, while those who had forgotten their password or couldn’t log in to iCloud for some other reason are also unable to use the downloaded apps until they can log in to the service.

My tweet from yesterday seems apt here. Unbelievably incompetent.

Order by: Score:
Just one of the pitfalls of Certificates
by shotsman on Thu 12th Nov 2015 18:41 UTC
shotsman
Member since:
2005-07-22

I'll be using this as an example of how not to do certificate management.
Sadly, Apple is far from being alone here. I have made a good deal of money over the years fixing problems where a certificate has been allowed to lapse and Productions systems have stopped. Even with email notifications it still happens.
One company took almost two weeks to approve the purchase of a new certificate AFTER the old one had expired.
with increasing use of TLS etc this problem will only get worse and .... well the consequences are only too apparent.

Reply Score: 6

Kochise
Member since:
2006-03-03

Type "Elephone Vowney" in your favorite search engine. Hint : less than half the price of the most expensive iPhone.

Reply Score: 2

Forgot their password!!!! :-O
by brostenen on Fri 13th Nov 2015 00:40 UTC
brostenen
Member since:
2007-01-16

Forgetting you'r password, even if +16 upper/lower-case+number's in a random mix. Well...

Even that makes a user equals as incompetent as Apple.
Just tough lesson, forgetting a password.
Even more incompetent if those wich forgot, do not learn from that.

Just say'ing.

Edited 2015-11-13 00:43 UTC

Reply Score: 0

RE: Forgot their password!!!! :-O
by MacTO on Fri 13th Nov 2015 02:07 UTC in reply to "Forgot their password!!!! :-O"
MacTO Member since:
2006-09-21

How so?

Many people enter their password a handful of times, and lets the computer remember it afterwards.

Or they enter their passwords a handful of times, and they don't use the service for an extended time.

Or they use multiple services with different passwords, and forget which is associated with which.

The list can go on.

Reply Score: 4

RE: Forgot their password!!!! :-O
by nicubunu on Fri 13th Nov 2015 06:39 UTC in reply to "Forgot their password!!!! :-O"
nicubunu Member since:
2014-01-08

if you have a sane policy and use a different (and strong) password for each service (and don't write them down), then is likely from time to time you will forget one.

Reply Score: 6

Comment by Shane
by Shane on Fri 13th Nov 2015 00:54 UTC
Shane
Member since:
2005-07-06

Been doing a fair bit of infrastructure work lately. PKI is a pain in the ass.

Reply Score: 3

Comment by stormcrow
by stormcrow on Fri 13th Nov 2015 15:00 UTC
stormcrow
Member since:
2015-03-10

And yet another example why DRM (this cert is used only to prevent software piracy) is bad for everyone.

Reply Score: 4

Comment by Phloptical
by Phloptical on Mon 16th Nov 2015 02:23 UTC
Phloptical
Member since:
2006-10-10

Damn, I want to purchase a cert that's good for 20 years too. Like from Apple for APN. Annual APN cert renewal....its BS.

Reply Score: 2