That argument misses the point.
Yes, the company has the primary responsibility to fix their vulnerabilities, but that doesn’t justify recklessly publishing exploits. Once an exploit is public, it’s not just 'the company' that suffers, it’s every customer, employee, and partner who relies on that system.
Saying 'fuck responsible disclosure' is basically saying 'let’s hurt innocent users until the company caves.' That’s not activism, that's collateral damage.
If someone genuinely cares about accountability, there are legal and ethical ways to pressure companies. Dumping 0-days into the wild only helps criminals, not users.
let's be clear here, though: the root problem isn't someone finding some sensitive papers left on a printer accidentally, it's the person who left them on the printer to begin with. that's the root failure, and damage that results from that root failure is the fault of the person who left them there.
the american system clearly agrees with this, too. you see it insider trading laws. you're allow to trade on insider information as long as it was, for example, overheard at a cafe when some careless blabbermouth was talking about the wrongs things in public.
These writeups are Jr. level hacks (I looked through them all). Aside from making the company look bad, you don't really learn much from it because they are so easy.
I'm tempted to just find the person that owns this blog and make sure they aren't hired int the security industry. We don't need people like this around.
the security guard of the local mall left the door unlocked when the mall was actually closed, and i saw the mall hours that it was closed, but i went in anyway out of curiosity since i was already there