Two sets of researchers revealed that insufficiently random choices of the prime numbers from which encryption keys are derived for Web site SSL/TLS certificates mean that the private parts of the keys can be derived. Fortunately, it’s not a flaw in an algorithm, and seems to affect only a small number of sites. Read the whole explanation in Glenn Fleishman’s account at Boing Boing. follow link
Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the TidBITS Content Network for Apple consultants.