jfruh writes: "HTTPS has long been a part of good Web security strategy, but apparently Apple didn't get the memo. The company's wildly successful app store for iOS didn't encrypt traffic via HTTPS by default until January 23 of this year. The researcher who discovered ways to exploit this vulnerability says he alerted Apple back in July of 2012."
"More software projects have gone awry for lack of calendar time than for all
other causes combined."
-- Fred Brooks, Jr., _The Mythical Man Month_