7. In security, what are your opinions about full-disclosure of software bugs?
I think it depends on what the bug does. If the bug puts users at risk, the best thing is to inform the users how to fix it, without saying how to exploit it. If the bug enables users to break DRM, the best thing is to inform the users so they can take advantage of it.