[nknighthb]

It's amusing that you read my statements exactly backwards, but think I'm the one misunderstanding you.

You're reciting all the standard arguments in favor of "responsible disclosure". You're literally saying nothing new. I've heard it all a thousand times. It's crap.

The longer vulnerabilities are hidden, the longer users are left at the mercy of black hats, unable to protect themselves, and the less incentive there is for developers to act.

You see it even here, where the developer "acted", but only after being exposed. You even acknowledge it, but fail to reach the logical conclusion.

This scenario has played out over and over again throughout history. Corporations will never act in the best interests of anyone but themselves. The people holding them to account are not the villains.