Hmm...
Even though Apple didn't mean to have the SSH open to the world, I'm still pretty staggered that they chose a default password that is the same on every device. A little foresight would have made this attack nigh on impossible. And I do appreciate that you shouldn't be jail-breaking your phone, but part of the initial setup for the iPhone should be to enter your own passwords.