> DHS/NSA already has them

Every major security company has them thanks to MAPP. I don't quite understand why people have such a problem with this program.

You also can't ignore that the most recent linux vulnerabilities were privately disclosed to major vendors weeks ahead of time, as well.

I'm actually sort of glad that my national defense forces get a jump on this stuff. Especially if it's only a few days or a week to secure their systems and (for the clandestine services) to retool their exploits. I believe there are actual clandestine actions in the national interest happening and it would be nice to see those enabled. (e.g. Stuxnet/sabotaging foreign nuclear weapons development)