[RunawayGalaxy]

I think that there's a point where negligence becomes culpable. Given that, I'm considering 2 questions:

1) Suppose Apple sells potentially vulnerable software to users and knowingly refuses to curb market demand for potential exploits to the benefit of their bottom line. When a zero-day is discovered and sold to the highest bidder, what percentage of the blame does Apple deserve?

2) How does that percentage change with respect to the following? (a) potential number of users affected (b) cost of a bounty program as a percentage of total profit from sale of the vulnerable software