[Kalium]

OK. In your mind, what's the ethically correct way to do security research into major company's products and disclose what you might find?

[cptskippy]

And independent nonprofit organization with a clear mission statement and no ulterior motives. Not Google Employees operating under the oversight of Google management.

[Kalium]

Would the results still be ethically clear in your mind if this nonprofit with a clear mission statement received significant funding from Google?

[cptskippy]

Like Mozilla? I think if such an organization existed, I would hope that it recognized the conflict of interest in such an arrangement and be working to clarify or rectify the arrangement.