The sad tale of a security whistleblower: “He didn’t exploit the vulnerability, encourage or conspire with others to exploit it. He didn’t reveal the vulnerability to an underground hacker organisation. He told the affected people. For this, he went to jail.”