this person seems to think that security researchers are the only people looking for vulnerabilities when in fact the people who stand to have significant profits are apt where the vulnerabilities were probably known long before researchers found them