While it's definitely plausible, and probably likely, I was looking for a source to the specific statement that Apple is "voluntarily giving the NSA zero-day vulnerabilities months before they get fixed". Are they giving them to the NSA? Is this why they're holding out on fixing them? Do we have evidence that this is their intention?