I didn’t say that researchers should publish binaries without source code, I said they should hold off on publishing at all. This isn’t about open vs. closed source.
Open source is about publishing the code (and allowing it to be reused). You’re talking about not publishing the code. Plenty of software companies don’t publish binaries (e.g. Google, Facebook). Binaries or no, it’s not open source if you don’t even publish the code.
Nevertheless, when you have the binary, you stand a chance at reverse engineering. If you broadcast such a binary, you have a guaranteed leak. At least, when you don’t publish at all, you stand a chance at actual secrecy. (Pretty unlikely, though, if too many people are involved.)
In software development, secrecy is often undesirable: nobody trusts you; nobody will work with you; nobody can help you—you are pretty screwed. Thus, all the OSS in the world’s infrastructure these days.