
> The release notes, however, do not make mention of the SSL security bug that was squashed on iOS late last week.


http://support.apple.com/kb/HT6114

says at the bottom "For detailed information about the security content of this update, see Apple security updates.[1]"

[1] http://support.apple.com/kb/HT1222


It's not there yet: Apple usually posts that information a few hours _after_ the update has been released.



If anyone from Apple is reading and can influence this - could you convince whoever needs to be convinced that you ought to have less vague/shitty release notes, particularly wrt issues like this?


They cover security issues in a separate announcement (listed on http://support.apple.com/kb/HT1222), but only a few hours after the update has been released. I do think high-impact security issues like this SSL bug deserve a mention in the release notes as well.


Looks like they're just trying to not make it obvious that Macs can have security problems. I don't think many regular users (who probably think Macs are invincible) are going to actively look for security announcements about their invincible Mac. And when they look at the release notes, many of them won't be convinced to stop what they're doing and install some unnecessary updates.

(Not trashing Mac, I am a Mac user.)


I wonder if their hope is everything transitions to something like iOS before this is falsified in a widespread way on OSX in public.

In corporate settings with desktop management, Macs are actually a huge pain to deal with; Windows maybe starts from crappier defaults but there's a much more mature industry around locking it down.


Hence why you want to be the odd one out with a Mac at Corporates: IT leaves you alone and you can manage it yourself.


If you really want IT to leave you alone you need a GNU/Linux machine.


Most definitely the right person is reading this, Apple is a bottom-up corporation and someone reading HN could just talk to their manager and have the complaint heard by the right person.


It's definitely included in that update. Just tested Safari post-update.

http://imgur.com/qXLQUSh


Who would benefit from that?


Maybe someone who has already installed this could check if the SSL bug is fixed? https://www.imperialviolet.org:1266


Just tried it with Safari on 10.9.2

>Safari can't open the page "https://www.imperialviolet.org:1266" because Safari can't establish a secure connection to the server "www.imperialviolet.org".


That means the patch worked.


Tested with this and gotofail.com on 10.9.2. It's fixed.


It's fixed.



