seeking comments on disclosure articles

[smcalearney () cxo com]

Vulnerability Disclosure: Where Do You Stand?
If you see a glaring security hole in a sensitive application, what will you do? Will you notify the developer? The 
users? Other hackers? Sometimes it's best not to be the good Samaritan. Read about "The Chilling Effect" and also find 
out why Bruce Schneier thinks full and open disclosure is a "damned good idea" while Marcus Ranum says disclosure of 
vulnerabilities is a marketing ploy by vendors that was never really designed to further security and has only 
succeeded in fostering a "grey-market economy in exploits." Do you think disclosure only aids attackers?
http://www2.csoonline.com/exclusives/column.html?CID=28088