A good chunk of the reports are false positives (slop) per the researcher's own admission in his talk. I have no issue sharing the bug reports either; the bugs are better fixed.
What I take issue with is that they have basically released the weapon first without thinking about the consequences. And again, if you watch the talk, you'll see how he literally calls others to action to fix the problem. They made a problem and are asking you to fix it, and it will also cost you money, which conveniently goes to them. Any industry with even a semblance of regulation would find this very disturbing.
alt Hacker News
A good chunk of the reports are false positives (slop) per the researcher's own admission in his talk. I have no issue sharing the bug reports either; the bugs are better fixed.
What I take issue with is that they have basically released the weapon first without thinking about the consequences. And again, if you watch the talk, you'll see how he literally calls others to action to fix the problem. They made a problem and are asking you to fix it, and it will also cost you money, which conveniently goes to them. Any industry with even a semblance of regulation would find this very disturbing.