Why? It was an extremely complicated procedure that required thousands of attempts using willing a sender to modify a photo subtly and measure what they got with multiple thousands of sends. . . this allowed the researchers to eventually calculate the 128 bit AES key. This is a major undertaking not suitable for an average hacker or even a sophisticated hacker to accomplish. It can only be done with some organization with lots of resources and lots of time. As I quoted above.
This vulnerability was really hard to accomplish. It was not something your average hacker had the equipment to be able to do:
"Messages sent via iMessage are vulnerable to interception by a fake Apple server. Using such a server, the researchers repeatedly sent a single photo between iOS devices, subtly making minor changes to the photo each time and checking to see how that affected the encrypted version. After thousands of tries, they finally deduced the 128-bit encryption key.The team's original attack require targeted devices to not be updated to the most recent version of iOS (by implication, any version of iOS 9), but a modified version of the attack could affect even iPhones fully patched through yesterday.
The vulnerability was closed with yesterday's update to iOS 9.3.
In any case, it was not any poor reflection on the Apple engineers at all.
Their huge egos and self righteousness makes them look like they see themselves superior to the potential good of the rest of us.