Usually I'd agree with you, but when it comes to offering a service that provides security, it is different.
Why? Because with any other service, the people using it are going to be able to judge whether it is effective. If Word crashes when I open it, or is buggy, I'll know that and I can choose to use something else.
But with a product that is offering security, there is no way for an "ordinary" end user to know whether it really works or not. As is shown time and time again, providing good security is freakin hard. So you'd better be on your game if you're claiming to provide that.
And honestly, if someone is donating their time to check the security of other people's applications, and all they ask in return is to be a little smug when they point out problems, I think that's a fair trade-off.
Why? Because with any other service, the people using it are going to be able to judge whether it is effective. If Word crashes when I open it, or is buggy, I'll know that and I can choose to use something else.
But with a product that is offering security, there is no way for an "ordinary" end user to know whether it really works or not. As is shown time and time again, providing good security is freakin hard. So you'd better be on your game if you're claiming to provide that.
And honestly, if someone is donating their time to check the security of other people's applications, and all they ask in return is to be a little smug when they point out problems, I think that's a fair trade-off.