Every non-trivial app has vulnerabilities. One indication of a vuln is not "blatant incompetence"
I've responsibly reported my fair share of Twitter vulns over the years. In general Twitter fixed them quickly. (Except some CSRF/XSRF issue which was non-trivial and was when they had fewer resources.)
Dave Naylor was just irresponsibly publicizing something, which makes him somewhat of a jerk. Being a jerk is not necessarily a Bad Thing and of course we/I don't know the entire story here, but that's what it sounds like.
I've responsibly reported my fair share of Twitter vulns over the years. In general Twitter fixed them quickly. (Except some CSRF/XSRF issue which was non-trivial and was when they had fewer resources.)
Dave Naylor was just irresponsibly publicizing something, which makes him somewhat of a jerk. Being a jerk is not necessarily a Bad Thing and of course we/I don't know the entire story here, but that's what it sounds like.