The flaw, according to researchers, causes most iOS and Mac applications to skip a crucial verification check that's supposed to happen when many transport layer security (TLS) and secure sockets layer (SSL) connections are being negotiated. Specifically, affected apps fail to check that the ephemeral public key presented by servers offering Diffie-Hellman-supported encryption is actually signed by the site's private key. Attackers with the ability to monitor the connection between the end user and the server can exploit this failure to completely decrypt and manipulate the traffic by presenting the app with a counterfeit key.
An attacker "can basically set up a connection and pretend to be Google.com," Matt Green, a Johns Hopkins University professor specializing in encryption, told Ars. The attacker "can basically say: 'Hey, I'm Google, here's my signature.' And since nobody is actually going to check the signature, [the attacker] just puts nonsense in there."
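To make the skipped check concrete, here is an added example (my own sketch, not Apple's code or anything from the article) of what a TLS 1.2 client is supposed to do with a ServerKeyExchange in an ephemeral Diffie-Hellman suite: hash the two handshake randoms together with the server's ephemeral parameters and verify the signature against the key in the server's certificate. It assumes an ECDSA P-256 certificate key and a simplified message struct; the sample values are constructed.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// ServerKeyExchange holds only the fields the signature covers (simplified,
// constructed for this example; a real message also carries curve/group ids).
type ServerKeyExchange struct {
	ClientRandom []byte // 32 bytes from ClientHello
	ServerRandom []byte // 32 bytes from ServerHello
	DHParams     []byte // serialized ephemeral public key
	Signature    []byte // ASN.1 ECDSA signature by the certificate key
}

// signedData is client_random || server_random || params (RFC 5246 7.4.3).
// Binding the randoms prevents replaying an old, genuinely signed key.
func signedData(ske *ServerKeyExchange) []byte {
	msg := append([]byte{}, ske.ClientRandom...)
	msg = append(msg, ske.ServerRandom...)
	return append(msg, ske.DHParams...)
}

// Sign is what the legitimate server does with its certificate private key.
func Sign(priv *ecdsa.PrivateKey, ske *ServerKeyExchange) (err error) {
	h := sha256.Sum256(signedData(ske))
	ske.Signature, err = ecdsa.SignASN1(rand.Reader, priv, h[:])
	return err
}

// VerifyServerKeyExchange is the step the affected clients skipped. If it is
// never run, any counterfeit key with garbage in the signature field passes.
func VerifyServerKeyExchange(certPub *ecdsa.PublicKey, ske *ServerKeyExchange) bool {
	h := sha256.Sum256(signedData(ske))
	return ecdsa.VerifyASN1(certPub, h[:], ske.Signature)
}

func main() {
	serverKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	ske := &ServerKeyExchange{ClientRandom: make([]byte, 32), ServerRandom: make([]byte, 32),
		DHParams: []byte("constructed-ephemeral-key")}
	rand.Read(ske.ClientRandom)
	rand.Read(ske.ServerRandom)
	_ = Sign(serverKey, ske)
	fmt.Println("genuine:", VerifyServerKeyExchange(&serverKey.PublicKey, ske))
	ske.DHParams = []byte("counterfeit-key") // swapped in on the wire, old signature
	fmt.Println("counterfeit:", VerifyServerKeyExchange(&serverKey.PublicKey, ske))
}
```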
I like the commentary Kristin Paget (a former Apple security engineer) left on her blog, which was republished in Forbes:
“Did you seriously just use one of your platforms to drop an SSL 0day on your other platform?” she writes, using the phrase “zero-day,” an industry term for a previously unknown security flaw. “As I sit here on my mac I’m vulnerable to this and there’s nothing I can do, because you couldn’t release a patch for both platforms at the same time? You do know there’s a bunch of live, working exploits for this out in the wild right now, right?”
I can't tell if this is a backdoor left for spooks, a disgruntled Apple engineer, or some kind of internal corporate clusterfuck.
Maybe some mix of the three?