> but then don't understand the exploit market? Or, that they act against their own best economic interests?
Maybe they're just ethical by nature. If I could make lots of money by breaking the law or doing something un-ethical I (and in fact the vast majority of people) still wouldn't do it. Money isn't the only motivating factor.
So it is very well possible these exploits would have been worth more on the open market and still the team decided to work on this in a white-hat setting because they are simply good people.
Given the current administration and political climate giving it to the government would be even more unethical. Specially because criminals don't have the funds the NSA does, and they are 100% guaranteed to get away with any wrongdoing
I think any kind of release and hoarding exploits without doing what's possible to get the holes closed is un-ethical no matter who the recipient is, there is not much in terms of shades of gray there.
Maybe they're just ethical by nature. If I could make lots of money by breaking the law or doing something un-ethical I (and in fact the vast majority of people) still wouldn't do it. Money isn't the only motivating factor.
So it is very well possible these exploits would have been worth more on the open market and still the team decided to work on this in a white-hat setting because they are simply good people.