Ok, first off- drunk rambling. Had a couple tonight, but I think I can keep it all on a linear track of thought. This is a subject I was thinking about in depth earlier tonight.

I was thinking about POCs and the responsibility of it all. Not sure if this should go in Cosmos or here.

Now, normally a POC is written to light a fire under the ass of software manufacturers, right? Then posted to a skiddie site like packetstorm (I have no beef with them, I would just rather be an inept than a skiddie). I was thinking that while a POC does light the proverbial fire, at the same time, it also encourages irresponsible computer use, i.e., skiddies. I mean, what kind of threat is that? Fix this or pay for it...? How is that 'responsible'? I was thinking: how can one claim to be a responsible user while encouraging this type of behavior?
I mean, yes, (you may be) trying to encourage patches and updates, but sometimes huge software companies don't have time for every single complaint, so you threaten them with a POC (which is really what you are doing, is threatening them), in essence saying that every single skiddie is going to attack you if you don't do this.
So you raise the bar a little (in the source code, changing this or that). But in all honesty, how hard is it to locate the sub-routine 'PAM-AUTH-MODULE' or 'SSH-CHANNELS'? So you gcc it, get an error, and fix it easily enough. How is that a 'responsible' POC release? You are really encouraging skiddies, even if it was done in good faith ... I was just thinking that (most of you) are more knowledgeable about security than me, wondering what you thought. For now I think that there is no such thing as a responsible POC release.

... But then again, I'm kinda drunk ....