Comment Re:Seems like a way to discourage work (Score 1) 27
If you have been around for any length of time you would know that the reason bug sharing with open source groups became a thing is that, without a concern about exposure, software companies seldom patched things.
This created opportunities for people to develop reputations based on the quality of their finds and eventually created the proof needed to develop things such as well-established open source intelligence and companies that specialized in coordinating bug bounty programs, and decentralized pen testing groups.
If you cut off the ability to share with anyone but the vendor who created the bug and the government, all the rest of it fails.