
This is rich. Instead of "kicking the guy in the ass" for disclosing his findings, I'd recommend kissing his ass for disclosing this responsibly. If he hadn't, you, me, and many other people would be in a lot of trouble now, wouldn't we? And while we're at it, you might be interested in finding out how things like "full disclosure" and "responsible disclosure" came about in the first place. Spoiler alert, you may not like the answer.

"[...] nothing, absolutely nothing, on how to protect myself as an ordinary user." Really? He gave you two tips, didn't he? Make sure your default account doesn't have admin rights and use FileVault. He obviously can't tell us why FileVault helps without risking our safety. That's clearly not nothing.



My critique was aimed at the form of the disclosure, not the act itself. This may not have gotten through for various reasons.

> Really? He gave you two tips, didn't he?

I do stand corrected. Either the last paragraph was edited into the article after I wrote my comment, or I did not see it the first time. Unfortunately, I can no longer edit my previous comment.



