[BearGoesChirp]

I don't see why. The whole thing seems wrong. Having privacy and keeping secrets seems to only encourage the bad security practices. If instead every vulnerability discovered was immediately shared, our society as a whole, and especially the IT sub culture, would work quite differently. We would value security far more. Right now, it is easier to justify having less focus on security because when someone does find an exploit they'll help you patch it up before it is out of control.

On a very fundamental level, someone engaging in the free exchange of information, and this information being useful to people wanting to know what is or is not secure, cannot be a fuck up.

Microsoft had a security flaw. That's a fuck up.

People used that flaw for immoral actions. That's a double fuck up.

McAfee shared information letting people know about active security threats. That isn't a fuck up.