wow.. I don't even know where to start. Like I said before, its not that you rely on this. All software will have vulnerabilities, and someone is bound to find it eventually. And I said IF you think you can make prefect software. I did not say you claimed to do so.
You paint everyone out to be a criminal when they don't necessarily have malicious intent. Its more like finding a hole in a fence than breaking in. The hole is already there and they are bringing it to the companies' attention. The hole exists where out not said person lets somebody know about it. Would you rather white hats not bring it to their attention and have sometime that does have malicious intent find it and abuse it?