[odyssey7]

Okay, fair. I was thinking mostly about the high-impact issue of preserving the security vulnerability and how an essential vendor was not being candid, but you are also right to note how AMD was avoiding its responsibilities to the individual researcher himself.

[tptacek]

I mean I think you think you're doing bank-shot snark here, but what you're really revealing is that your premises hinge on AMD trying to get out of paying a bounty simply to avoid paying it. Since we know up front that's not one of AMD's incentives, what does that do to your argument? It can't help.