A first application demonstrating the technology has just been released for the iPad2. The technology should be available on other devices with similar computational power soon."
As part of the attack, the anonymous researchers obtained a signature certificate from VeriSign for a company named Apple Computer
You have to fool VeriSign first, just like any other SSL man-in-the-middle attack, so I guess it depends on what you call easy.
Actually, as stated in the original blog post linked from the article, it was a demo signature certificate for a person named "Apple Computer". Such certificates are offered by VeriSign without validation. The problem is that the iPhone trusts such certificates, and that it doesn't make it clear that it isn't a validated organization name it publishes.
So fix the bloody flaw. STOP HIDING FILE EXTENSIONS.
I'm not saying that I disagree, but in that case they would also have to stop supporting running unix executable files from within Finder or disable custom icons for such files.
Warning dialogs should ONLY be brought up before *rare* and *irreversible* actions. Not common ones.
Depending on point of view, launching a downloaded application for the first time could be considered rare and could definitely result in something irreversible.
The reason for the dialog you get when launching a downloaded application for the first time is to counter an otherwise existing flaw where an application could be disguised as a document.
The key part of the dialog message is not that the file was downloaded from "the Internet", but rather the fact that the file is "an application".
And when you really think about it, paying any price for a digital download is simply price gouging anyway, since the cost of reproduction is zero. That means at $5, Trism is marked up 500 times. No wonder he got so rich, huh?
You seem to have a moral objection against high mark up percentages. Your first error is discussing margins in terms of percentages of costs. The only case where this is meaningful is when there is a risk involved with the cost. Since you disregard development costs, marketing costs and write-off costs, the remaining cost (distribution + "replication") carries no risk.
The markup percentage has nothing to do with how "rich" you get. Your profit comes from absolute margin times volumes sold. An acquaintance of mine runs a business with a "mark up" of < 5 % and they are still able to make loads of money. Are they saintly in your eyes?
If you had better tools, you could more effectively demonstrate your total incompetence.