Responsible disclosure, or headline grabbing?
Recently, I let Cisco have it for using the responsible disclosure argument for something that had actually been known and supposedly (security advisory keeps changing) fixed for months. I've touched on the topic of responsible disclosure before and firmly believe that a reasonable amount of time must be given to the vendors and the public to create, test, and apply the patch before any disclosure is done.