In the words of Arie Van Deursen, professor in software engineering at Delft University of Technology in the Netherlands,
“When first seeing this code, I was once again caught by how incredibly brittle programming is. Just adding a single line of code can bring a system to its knees.”
Not only that - but the flawed code has been both used and published for 18 months, and tested by a government security organisation which passed it for use. Software bugs can be pernicious - and they can lurk in the most essential areas. And even companies which have been writing software for decades can fall foul of them.
But the former staffer at Apple says that unless the company introduces better testing regimes - static code analysis, unit testing, regression testing - “I’m not surprised by this… it will only be a matter of time until another bomb like this hits.” The only - minimal - comfort: “I doubt it is malicious.”
I'm inclined to say suspicious but not malicious, but it's really damned irksome that Apple reported the bug on January 8th, shipped two iOS 7 betas that included said bug, then finally get around to fixing iOS 7, but delay the Mavericks update for 4 additional days so they can more conveniently bundle it with a pending update? That's a serious “giving a shit” fail in my book.