The next deadly sin is Apple's mind-set. Security requires you to think backward. The worst systems are designed by people who try to keep other people out and think accordingly. The best systems are designed by people who are empathetic. Sure, there is science and research, but fundamentally, how can I defeat it? Think like the black hat. I prescribe that Apple watch a lot of bad serial killer movies.
Finally, learn from your mistakes. Each iteration (if it has iterations) needs a retrospective. What went wrong? What went right? If you find one goto failbug, maybe you should look for other goto fail bugs? If that happens a few times, maybe you should consider goto harmful for your organization (even if you think it has its place elsewhere)? Maybe big blocks of repetitive if statements are bad, too? Who's reviewing this code at Apple?
I know I'll never have the answer. As long as the faithful line up to worship at the Apple Store and keep swiping their cards for the bling, nothing will change. Who said trustworthy computing was profitable?
Sign up for CIO Asia eNewsletters.