"hope that [..] any loud zero disclosure of a flaw like that provides enough clues for the "white hats" to track down the problem in short order"
Auctioning off security flaws to the highest bidder is not a white hat activity. Giving the vendor first crack at buying your security flaw is, likewise, not a white hat activity.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds