I’m finally getting around to reading Wired’s May 2009 story on Marc Weber Tobias, “The Ultimate Lock Picker Hacks Pentagon, Beats Corporate Security for Fun and Profit.” Many of you have probably read it already, but it raises a host of interesting questions. For example, when should a vulnerability be publicized? (For completists, Wired ran another story on Tobias in February 2005: “The Lock Busters.”)
