Who bears the risk of junior spilling a juice cup all over the expensive servers?

Passion isn't important. Cost and risk are important. The processes are put in place to (attempt) to minimize cost and risk associated with software development. Experience teaches us that cost and risk are very high when building software.

When it's your money paying for the development effort, feel free to structure it so that you can chase your passion.

I sympathize with the idea that this kind of bureaucracy can suck the life out of developers, but guys, this is work. If it were that fun, they wouldn't have to pay you to do it.

Look at my ID, whipper-snapper. I have it to point to for all the success I have in life.

It should be noted that CodeWeavers employs both Jeremy White and Alexandre Julliard.

Such an example is an honest one, and is extremely frequent in the real world. Progress is messy.

The value of finding security holes is in disclosing them to everyone, particularly the affected vendor.

The most damaging holes are the ones that only the bad guys know about. This doesn't tend to advance security in software, it just allows people to take over your machine without your permission.

Security research or incentivization schemes that don't include a built-in mechanism to promote disclosure of the discovered problems won't help much.

Your reply was quite informative, however none of what you posted was available from the link.

So I appluad your information but still find the original article pointless.