As much as I like Apple and OSX, I see some of the same kinds of mistakes Next/NeXT made with NextStep, being made with OSX.
(I used to sell Next software for about 6 months and got to use a NextStation every day. Very cool - later at another company I got to speak with the GUI designer Keith Ohlfs and personally thank him for the best computer experience I ever had.)
For instance, NextStep's POSIX interface was broken and thus, Next was not able to compete against the then-very-inferior SunOS in government contracts (because POSIX compliance was a requirement).
Instead, Next did win in CIA/NSA and other exempt contracts where the solution was considered to be "custom" and thus didn't have to follow the standards.
It probably would have taken a competent Next programmer a few weeks to fix the POSIX layer - but since POSIX was viewed as "dumb" it was never made a priority.
Apple is letting some of the boring stuff slip - which is a danger sign. Programmers at Apple can't all be programming the cool CoverFlow stuff and ignoring the "guts".
When Apple first released a developer preview of OS X back in 98/99 (IIRC) I actually emailed Jobs about using OpenSSH in the new OS (there was a lot of controversy about the munitions export act in the USA, and I was involved in the OpenSSH project - he said that they would be distributing OpenSSH, which was a big win at the time - anyway I digress), I also asked about POSIX compliance.
He said in his reply (and I wish I could find it) that POSIX compliance was a big deal for OS X, and part of the reason why so much of the FreeBSD userland was being used (I was also involved in some parts of FreeBSD at the time - there was a whole initiative around making it fully POSIX compliant, way before any other free UNIX).
I knew some of the history with Next and POSIX, your comment tied the story together for me. It does show that Jobs learned his lesson when he went back to Apple.
Now more on the topic at hand. Apple need to handle security issues better. Not just in terms of disclosure but in response times and communication with the industry. You don't see many/any Apple reps at the major conferences, and no engagement at all. It was always generally known within the industry that Apple owed much of its OS X security to the fact that it just wasn't a big target. The commercial UNIX releases and Linux were targeted because they ran the world's servers, and Windows was targeted because it was the world's desktop. Now with OS X gaining market share they are getting more attention from sec experts and hackers.
Microsoft reformed their security policies back in 2000, after IIS 4 had a horrible run and the Code Red worm ran wild. Many top security and secure coding experts went to work at Microsoft at the time - it was a major shift (implementing security checks in every step of the dev process across the whole company). Apple have only had to do this more recently, and they haven't really perfected it.
I don't think he's specifically referring to POSIX compliance in the current OSX, but I can certainly attest to my experiences with A/UX (the original Mac OS/Unix hybrid OS) and say that POSIX compliance was also a minor issue - perhaps not so much for a Unix, but it's other stuff that they let slip. I don't use OSX as I don't have a Mac but I wouldn't be surprised if they're focusing on the insanely great bits to the detriment of stuff under the hood, as has happened before.