The Apple SSL bug existed, and remained undetected for a year and a half, because Apple wasn't testing their browser against dodgy certificates. And it made us unsafe because the NSA, amongst presumably many other individuals and organisations government and otherwise, were. →