[jvdh]

Things have progressed quite a bit since 2008 fortunately. Vulnerability disclosures have become much more acceptable, and are handled in a much better way.

Lots more information about disclosure:

* https://www.ee.oulu.fi/research/ouspg/Disclosure_tracking

* https://www.ntia.doc.gov/blog/2016/improving-cybersecurity-t...

* https://www.thegfce.com/initiatives/r/responsible-disclosure...