>It is not 'irresponsible' for either individuals or companies to make public the discovery of such holes as soon as they can

I agree to that.

>because this is how things have been for the last 10 years.

Psuedo reasoning...

>It is 'irresponsible' for vendors to conceal, deny or SPIN away revealed holes.

I don't think so. I think is was irresponsible to go along with MS, and then pout and threaten them when things weren't happening as fast as Online would have liked. I also think it was irresponsible to demand the product be fixed in x amount of time, and also refuse to test. Thats what I'm talking about. The whole full disclosure vrs. bug secrecy thing is irrelevant to these facts.

>The article explains why in terms that could be compared to a mathematical theorem.

Based on the assumption that MS operates the same way today that they did 10 years ago, not caring about un exploited security holes. I've seen evidence lately that this isn't the case. That makes the math fall apart.