> No, you're in more pain, but other defenders with different postures benefit from having faster and fuller disclosure.
Good for them. But just because some folks cannot afford 24/7 response teams and on-call personnel, that doesn't make them or their systems any less important.
Lots of non-profits and academic institutions had to scramble because of the Linux kernel team's position of non-communication to distros.
The conversation about how Linux handles these things is a good and worthy one to have and one "non-profits and academic institutions" need to have when they select distributions. I'm just here to push any of that scrutiny off the vulnerability reporters; Linux is lucky to have them, even if it's mishandling their reports. Vulnerability researchers don't owe these people anything.