Slashdot videos: Now with more Slashdot!
We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).
...testing that would have caught this bug would have involved creating tests that virtually duplicated the system under test...
This isn't even remotely true. Each one of the 'if' statements in the function could have been tested with a certificate that was broken in the way that the statement was checking for:
foreach (cert in MyBigAssCollectionOfCerts)
I'm guessing the test team (if they had one) didn't have a tool for creating a broken cert for each case.