> It was extremely irresponsible to share the exploit with the world before the distributions shipped the fix.

I disagree. Exploits should pe published as soon as they are written and found vulnerabilities to have as much details as possible, because if the researchers cannot write an exploit, someone else could.

- this has the advantage of forcing upgrades as soon as possible. No more “we need to see and schedule patching”

- publishing it as soon as possible makes everyne aware of the threat

- it is a learning experience for everyone

- “responsible disclosure” was invented by lazy companies that have zero interest in fixing a problem quickly