I'd argue that we don't actually know if this is the case or not because we haven't yet gotten to that point. How do we know that security researchers won't just move to testing things later as well?
I'd argue that we don't actually know if this is the case or not because we haven't yet gotten to that point. How do we know that security researchers won't just move to testing things later as well?
Because entire point of their work is to find the issues as fast as possible, and most importantly, before others.
You have a lot more faith than I do that companies paying security researchers will not try to cut corners by directing the researchers they employ or hire to look at stuff that they aren't even about to install.