Hiding vulnerabilities instead of repairing them is generally regarded as poor security. The system of security alerts for vulnerabities is based on that.

Regarding Tim Toady's remark, I think that computer programs and information should not only be protected by the First Amendment (free speech aka "information sharing", for denizens of those countries), but also the Second (right to bear arms). Recall that crypto software was until recently classed as "munitions" while paper copies of it were not restricted.