[dola]

What I wonder, is if Apple can be held responsible (to some extent) for damages that resulted due to this bug for app developers like a bank whose customers were robbed because the bank relied on the secure connection as it should have been provided by the Apple API. Clearly, the attacker is still the person to have exploited the bug but I think a developer should be able to assume that Apples security relevant API functionalities are indeed secure.

[spiralpolitik]

Remember that software license you clicked while installing ? Most likely it had something like:

THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

So yeah Apple can't be held responsible. If they could then the whole free software open source community would be in deep doo doo.

[rimantas]

Does it have a precedent with gaziilions of other bugs on all platforms? It is really fun to watch how "hey I understand this one" turns into "the most dangerous and evil bug on any platform evah".