Even for responsible infosec disclosure, it’s always a limited time, and there are lots of cases of publishing before a fix, if the vendors are not cooperating, or if the exploit gains attention through other channels. And even when it works, it’s mostly limited to fairly concrete proven vulnerabilities—there’s no embargo on wild, unproven ideas.
There doesn’t seem to be a similar pipeline for non-computer security threats.
Nor is there anyone likely to be able to help during the period of limited-disclosure, nor are most of the ideas concrete and actionable enough to expect it to do any good to publish to a limited audience before full disclosure.
Even for responsible infosec disclosure, it’s always a limited time, and there are lots of cases of publishing before a fix, if the vendors are not cooperating, or if the exploit gains attention through other channels. And even when it works, it’s mostly limited to fairly concrete proven vulnerabilities—there’s no embargo on wild, unproven ideas.
Nor is there anyone likely to be able to help during the period of limited-disclosure, nor are most of the ideas concrete and actionable enough to expect it to do any good to publish to a limited audience before full disclosure.