Opening Pandora's Box is a good thing. It gets the issues out in the air and visible so you know what more to look out for and what needs to be fixed.

Don't forget that Hope was also released when the box was opened.

I'm not reading anything against responsible disclosure in deaken's comments. How are you getting that?

The whole "since they published that it happened, we've had a bunch of disclosures" which is a typical "I don't feel safer when people talk openly about unfixed vulnerabilities" argument.

Err no, no it's not. It's that there's been a ton more attention there. We're no more or less safe than we were before, we simply didn't know about the bugs that were there.

(FYI, I've been a security researcher for 15+ years and work as the head of hacker education for HackerOne; I am very, very pro disclosure. :) )

Another security principle is involved: assume the worst case. If CPU vulnerabilities are a popular subject, they get fixed to some extent: it's much better than letting them be as a tool in the hands of private and government black hat hackers.