The pernicious element to the two cases I mentioned (and which I meant to include in my actual post—oops!) is that the latter case actually involves a legitimate add-on mechanism and the former case often involves authors blurring or omitting the facts just enough to make the average user think the hack is a legitimate add-on. I think it’s hard to argue that jailbreak users don’t know they’re performing unsupported operations and need to hold themselves responsible for the resulting misbehaviors and crashes. Most InputManager (and similar) hacks, on the other hand, pose as “regular old software” to users instead of making it clear they are unsupported hacks, so many users never realize that. In those cases, it’s harder for the user to know where the blame belongs, so the host application is the obvious choice.

In the end, it’s deeply frustrating to read anonymous user comments telling you your software sucks when the associated crash report shows a plug-in (or hack) doing the crashing; I wonder if plug-in vendors would fix more bugs if they had to read all these comments attached to their crashes?