> The code already was broken before somebody published the vulnerability. The difference now only is that you know about this.

The philosophy in this subthread may be too deep for me.

Me and the Jedi at the ends of the bell curve are just thinking "It's bad when your attackers know your code is vulnerable"