"Too often, so-called "security" is split into two camps: one
that believes in nondisclosure of problems by hiding knowledge
until a bug is fixed, and one that "revels in exposing vendor
security holes because they see that as just another proof that the
vendors are corrupt and crap, which admittedly mostly are,"